"-Synchronized-Data."

CVE Team 2023-02-02 17:01:01 +00:00
parent 22200a76fa
commit cbe29460f5
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
20 changed files with 2991 additions and 1967 deletions


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2008-3651",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service (memory consumption) via invalid proposals."
"value": "CVE-2008-3651 ipsec-tools: racoon memory leak caused by invalid proposals"
}
]
},
@ -44,153 +21,210 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Missing Release of Memory after Effective Lifetime",
"cweId": "CWE-401"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 3",
"version": {
"version_data": [
{
"version_value": "0:0.2.5-0.7.rhel3.5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:0.3.3-7.el4_7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:0.6.5-9.el5_2.3",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT3639",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3639"
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html"
},
{
"name": "ADV-2009-1621",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1621"
"url": "http://secunia.com/advisories/32759",
"refsource": "MISC",
"name": "http://secunia.com/advisories/32759"
},
{
"name": "ADV-2008-2345",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2345"
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html"
},
{
"name": "http://support.apple.com/kb/HT3549",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3549"
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"name": "MDVSA-2008:181",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:181"
"url": "http://support.apple.com/kb/HT3639",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT3639"
},
{
"name": "[ipsec-tools-announce] 20080724 Ipsec-tools 0.7.1 released",
"refsource": "MLIST",
"url": "http://sourceforge.net/mailarchive/message.php?msg_name=20080724084529.GA3768%40zen.inc"
"url": "http://www.vupen.com/english/advisories/2009/1621",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"name": "oval:org.mitre.oval:def:10453",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10453"
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "35074",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35074"
"url": "http://secunia.com/advisories/35074",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35074"
},
{
"name": "30657",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30657"
"url": "http://support.apple.com/kb/HT3549",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT3549"
},
{
"name": "32971",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32971"
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html",
"refsource": "MISC",
"name": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "APPLE-SA-2009-06-17-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
"url": "http://www.vupen.com/english/advisories/2009/1297",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "APPLE-SA-2009-05-12",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
"url": "http://marc.info/?l=ipsec-tools-devel&m=121688914101709&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=ipsec-tools-devel&m=121688914101709&w=2"
},
{
"name": "ADV-2008-2844",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2844"
"url": "http://secunia.com/advisories/31450",
"refsource": "MISC",
"name": "http://secunia.com/advisories/31450"
},
{
"name": "[ipsec-tools-devel] 20080724 Ipsec-tools 0.7.1 released",
"refsource": "MLIST",
"url": "http://marc.info/?l=ipsec-tools-devel&m=121688914101709&w=2"
"url": "http://secunia.com/advisories/31624",
"refsource": "MISC",
"name": "http://secunia.com/advisories/31624"
},
{
"name": "GLSA-200812-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200812-03.xml"
"url": "http://secunia.com/advisories/32971",
"refsource": "MISC",
"name": "http://secunia.com/advisories/32971"
},
{
"name": "SUSE-SR:2009:004",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html"
"url": "http://security.gentoo.org/glsa/glsa-200812-03.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-200812-03.xml"
},
{
"name": "1020667",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020667"
"url": "http://sourceforge.net/mailarchive/message.php?msg_name=20080724084529.GA3768%40zen.inc",
"refsource": "MISC",
"name": "http://sourceforge.net/mailarchive/message.php?msg_name=20080724084529.GA3768%40zen.inc"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=456660",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=456660"
"url": "http://sourceforge.net/project/shownotes.php?release_id=615380&group_id=74601",
"refsource": "MISC",
"name": "http://sourceforge.net/project/shownotes.php?release_id=615380&group_id=74601"
},
{
"name": "32759",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32759"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:181",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:181"
},
{
"name": "31624",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31624"
"url": "http://www.redhat.com/support/errata/RHSA-2008-0849.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2008-0849.html"
},
{
"name": "TA09-133A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
"url": "http://www.securityfocus.com/bid/30657",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/30657"
},
{
"name": "31450",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31450"
"url": "http://www.securitytracker.com/id?1020667",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1020667"
},
{
"name": "ADV-2009-1297",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1297"
"url": "http://www.ubuntu.com/usn/usn-641-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-641-1"
},
{
"name": "USN-641-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-641-1"
"url": "http://www.vupen.com/english/advisories/2008/2345",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2008/2345"
},
{
"name": "ipsectools-racoon-dos(44395)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44395"
"url": "http://www.vupen.com/english/advisories/2008/2844",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2008/2844"
},
{
"name": "SUSE-SR:2008:025",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html"
"url": "https://access.redhat.com/errata/RHSA-2008:0849",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2008:0849"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=615380&group_id=74601",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=615380&group_id=74601"
"url": "https://access.redhat.com/security/cve/CVE-2008-3651",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2008-3651"
},
{
"name": "RHSA-2008:0849",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0849.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=456660",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=456660"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44395",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44395"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10453",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10453"
}
]
}
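Review bot: The replacement description `"value": "CVE-2008-3651 ipsec-tools: racoon memory leak caused by invalid proposals"` reads like a bug-tracker title. Assuming the second of the two printed `value` lines is the new side, it drops the fixed-version bound (`before 0.7.1`), the affected file and the attacker precondition (`remote authenticated users`) that the longer sentence carried. The same section rewrites every reference to `"refsource": "MISC"` with the URL repeated as `name`, so identifiers such as `RHSA-2008:0849` and `USN-641-1` no longer appear as names, and tooling that correlates on `refsource`/`name` would lose those matches. I would keep the full sentence as the description and preserve the typed `refsource` and identifier `name` on existing references. The CVE-2008-3652, CVE-2008-3836 and CVE-2009-3604 sections that follow show the same pattern.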


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2008-3652",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "src/racoon/handler.c in racoon in ipsec-tools does not remove an \"orphaned ph1\" (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption)."
"value": "CVE-2008-3652 ipsec-tools: racoon orphaned ph1s memory leak"
}
]
},
@ -44,138 +21,200 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Missing Release of Memory after Effective Lifetime",
"cweId": "CWE-401"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 3",
"version": {
"version_data": [
{
"version_value": "0:0.2.5-0.7.rhel3.5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:0.3.3-7.el4_7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:0.6.5-9.el5_2.3",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT3639",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3639"
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html"
},
{
"name": "ADV-2009-1621",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1621"
"url": "http://secunia.com/advisories/32759",
"refsource": "MISC",
"name": "http://secunia.com/advisories/32759"
},
{
"name": "ipsectools-orphanedph1-dos(44424)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44424"
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html"
},
{
"name": "http://support.apple.com/kb/HT3549",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3549"
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"name": "MDVSA-2008:181",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:181"
"url": "http://support.apple.com/kb/HT3639",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT3639"
},
{
"name": "1020692",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020692"
"url": "http://www.vupen.com/english/advisories/2009/1621",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"name": "35074",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35074"
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "ADV-2008-2378",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2378"
"url": "http://secunia.com/advisories/35074",
"refsource": "MISC",
"name": "http://secunia.com/advisories/35074"
},
{
"name": "30657",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30657"
"url": "http://support.apple.com/kb/HT3549",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT3549"
},
{
"name": "32971",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32971"
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html",
"refsource": "MISC",
"name": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "APPLE-SA-2009-06-17-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
"url": "http://www.vupen.com/english/advisories/2009/1297",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "APPLE-SA-2009-05-12",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
"url": "http://secunia.com/advisories/31624",
"refsource": "MISC",
"name": "http://secunia.com/advisories/31624"
},
{
"name": "ADV-2008-2844",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2844"
"url": "http://secunia.com/advisories/32971",
"refsource": "MISC",
"name": "http://secunia.com/advisories/32971"
},
{
"name": "GLSA-200812-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200812-03.xml"
"url": "http://security.gentoo.org/glsa/glsa-200812-03.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-200812-03.xml"
},
{
"name": "SUSE-SR:2009:004",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:181",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:181"
},
{
"name": "oval:org.mitre.oval:def:10448",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10448"
"url": "http://www.redhat.com/support/errata/RHSA-2008-0849.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2008-0849.html"
},
{
"name": "31478",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31478"
"url": "http://www.securityfocus.com/bid/30657",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/30657"
},
{
"name": "32759",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32759"
"url": "http://www.ubuntu.com/usn/usn-641-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-641-1"
},
{
"name": "31624",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31624"
"url": "http://www.vupen.com/english/advisories/2008/2844",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2008/2844"
},
{
"name": "TA09-133A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
"url": "https://access.redhat.com/errata/RHSA-2008:0849",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2008:0849"
},
{
"name": "ADV-2009-1297",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1297"
"url": "http://secunia.com/advisories/31478",
"refsource": "MISC",
"name": "http://secunia.com/advisories/31478"
},
{
"name": "USN-641-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-641-1"
"url": "http://sourceforge.net/mailarchive/forum.php?thread_name=48a0c7a0.qPeWZAE0PY8bDDq%2B%25olel%40ans.pl&forum_name=ipsec-tools-devel",
"refsource": "MISC",
"name": "http://sourceforge.net/mailarchive/forum.php?thread_name=48a0c7a0.qPeWZAE0PY8bDDq%2B%25olel%40ans.pl&forum_name=ipsec-tools-devel"
},
{
"name": "[ipsec-tools-devel] 20080811 [PATCH] Track and delete orphaned ph1s",
"refsource": "MLIST",
"url": "http://sourceforge.net/mailarchive/forum.php?thread_name=48a0c7a0.qPeWZAE0PY8bDDq%2B%25olel%40ans.pl&forum_name=ipsec-tools-devel"
"url": "http://www.securitytracker.com/id?1020692",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1020692"
},
{
"name": "SUSE-SR:2008:025",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html"
"url": "http://www.vupen.com/english/advisories/2008/2378",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2008/2378"
},
{
"name": "RHSA-2008:0849",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0849.html"
"url": "https://access.redhat.com/security/cve/CVE-2008-3652",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2008-3652"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458846",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=458846"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44424",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44424"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10448",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10448"
}
]
}
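Review bot: The new `affects` entries mark versions with `"version_affected": "!"` but give only an epoch:version-release string such as `0:0.2.5-0.7.rhel3.5` under a `product_name` that is the distribution (`Red Hat Enterprise Linux 3`), so the package the version belongs to is not recorded. If `!` is read as "not affected" under the CVE JSON 4.0 operators, the record lists only fixed builds and never states an affected range, which version-matching scanners cannot evaluate. I would add the package name alongside each `version_value` (or in `product_name`) and keep an explicit affected bound. The CVE-2008-3651 section above and the CVE-2009-3604 section below have the same shape, the latter with several unlabeled versions per product.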


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2008-3836",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers to execute scripts with chrome privileges via vectors related to feed preview and the (1) elem.doCommand, (2) elem.dispatchEvent, (3) _setTitleText, (4) _setTitleImage, and (5) _initSubscriptionUI functions."
"value": "CVE-2008-3836 mozilla: Privilege escalation using feed preview page and XSS flaw"
}
]
},
@ -44,148 +21,183 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "SSA:2008-269-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232"
"url": "http://secunia.com/advisories/34501",
"refsource": "MISC",
"name": "http://secunia.com/advisories/34501"
},
{
"name": "DSA-1697",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1697"
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1",
"refsource": "MISC",
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1"
},
{
"name": "firefox-feedwriter-code-execution(45350)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45350"
"url": "http://www.vupen.com/english/advisories/2009/0977",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/0977"
},
{
"name": "USN-645-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-645-1"
"url": "http://secunia.com/advisories/33433",
"refsource": "MISC",
"name": "http://secunia.com/advisories/33433"
},
{
"name": "32144",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32144"
"url": "http://www.debian.org/security/2009/dsa-1697",
"refsource": "MISC",
"name": "http://www.debian.org/security/2009/dsa-1697"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=430658",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=430658"
"url": "http://download.novell.com/Download?buildid=WZXONb-tqBw~",
"refsource": "MISC",
"name": "http://download.novell.com/Download?buildid=WZXONb-tqBw~"
},
{
"name": "ADV-2009-0977",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0977"
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html"
},
{
"name": "USN-645-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-645-2"
"url": "http://secunia.com/advisories/31984",
"refsource": "MISC",
"name": "http://secunia.com/advisories/31984"
},
{
"name": "31346",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31346"
"url": "http://secunia.com/advisories/32012",
"refsource": "MISC",
"name": "http://secunia.com/advisories/32012"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=360529",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=360529"
"url": "http://secunia.com/advisories/32042",
"refsource": "MISC",
"name": "http://secunia.com/advisories/32042"
},
{
"name": "SUSE-SA:2008:050",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html"
"url": "http://secunia.com/advisories/32144",
"refsource": "MISC",
"name": "http://secunia.com/advisories/32144"
},
{
"name": "31984",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31984"
"url": "http://secunia.com/advisories/32185",
"refsource": "MISC",
"name": "http://secunia.com/advisories/32185"
},
{
"name": "32185",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32185"
"url": "http://secunia.com/advisories/32196",
"refsource": "MISC",
"name": "http://secunia.com/advisories/32196"
},
{
"name": "32196",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32196"
"url": "http://secunia.com/advisories/32845",
"refsource": "MISC",
"name": "http://secunia.com/advisories/32845"
},
{
"name": "DSA-1669",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1669"
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232",
"refsource": "MISC",
"name": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232"
},
{
"name": "32042",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32042"
"url": "http://www.debian.org/security/2008/dsa-1649",
"refsource": "MISC",
"name": "http://www.debian.org/security/2008/dsa-1649"
},
{
"name": "33433",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33433"
"url": "http://www.debian.org/security/2008/dsa-1669",
"refsource": "MISC",
"name": "http://www.debian.org/security/2008/dsa-1669"
},
{
"name": "http://www.mozilla.org/security/announce/2008/mfsa2008-39.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2008/mfsa2008-39.html"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:205",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:205"
},
{
"name": "ADV-2008-2661",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2661"
"url": "http://www.securityfocus.com/bid/31346",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/31346"
},
{
"name": "1020914",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020914"
"url": "http://www.ubuntu.com/usn/usn-645-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-645-1"
},
{
"name": "256408",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1"
"url": "http://www.ubuntu.com/usn/usn-645-2",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-645-2"
},
{
"name": "MDVSA-2008:205",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:205"
"url": "http://www.vupen.com/english/advisories/2008/2661",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2008/2661"
},
{
"name": "http://download.novell.com/Download?buildid=WZXONb-tqBw~",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=WZXONb-tqBw~"
"url": "http://www.mozilla.org/security/announce/2008/mfsa2008-39.html",
"refsource": "MISC",
"name": "http://www.mozilla.org/security/announce/2008/mfsa2008-39.html"
},
{
"name": "32845",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32845"
"url": "http://www.securitytracker.com/id?1020914",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1020914"
},
{
"name": "DSA-1649",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1649"
"url": "https://access.redhat.com/security/cve/CVE-2008-3836",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2008-3836"
},
{
"name": "32012",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32012"
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=360529",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=360529"
},
{
"name": "34501",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34501"
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=430658",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=430658"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=463188",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=463188"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45350",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45350"
}
]
}
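Review bot: The rewritten `affects` block still names no product: `"vendor_name": "n/a"`, `"product_name": "n/a"` and `"version_value": "n/a"` now carry `"version_affected": "="`, which asserts an exact match on a placeholder. Assuming the second printed `value` line is the new description, the record also no longer mentions Firefox or the `2.0.0.17` bound anywhere, so neither a person nor a scanner can tell from it what is affected. I would populate vendor, product and version from the longer description text, or leave `version_affected` off placeholder entries so consumers do not treat `n/a` as a concrete version.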


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-3604",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow."
"value": "CVE-2009-3604 xpdf/poppler: Splash::drawImage integer overflow and missing allocation return value check"
}
]
},
@ -44,243 +21,362 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Integer Overflow or Wraparound",
"cweId": "CWE-190"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 3",
"version": {
"version_data": [
{
"version_value": "1:2.02-17.el3",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "1:3.00-22.el4_8.1",
"version_affected": "!"
},
{
"version_value": "0:2.8.2-7.7.2.el4_8.5",
"version_affected": "!"
},
{
"version_value": "7:3.3.1-15.el4_8.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:0.5.4-4.4.el5_3.9",
"version_affected": "!"
},
{
"version_value": "7:3.5.4-15.el5_4.2",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "39938",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39938"
},
{
"name": "37042",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37042"
},
{
"name": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch",
"refsource": "CONFIRM",
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
},
{
"name": "MDVSA-2009:287",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
},
{
"name": "37028",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37028"
},
{
"name": "FEDORA-2010-1377",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
},
{
"name": "http://site.pi3.com.pl/adv/xpdf.txt",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087",
"refsource": "MISC",
"url": "http://site.pi3.com.pl/adv/xpdf.txt"
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "FEDORA-2009-10823",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"name": "RHSA-2009:1501",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
"url": "http://www.vupen.com/english/advisories/2010/1040",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "37079",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37079"
"url": "https://access.redhat.com/errata/RHSA-2009:0480",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:0480"
},
{
"name": "SUSE-SR:2009:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
},
{
"name": "xpdf-splashdrawimage-bo(53795)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53795"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
},
{
"name": "DSA-2028",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2028"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
},
{
"name": "DSA-2050",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2050"
"url": "http://secunia.com/advisories/37028",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37028"
},
{
"name": "37159",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37159"
"url": "http://secunia.com/advisories/37037",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37037"
},
{
"name": "FEDORA-2010-1805",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
"url": "http://secunia.com/advisories/37043",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37043"
},
{
"name": "1021706",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
"url": "http://secunia.com/advisories/37053",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37053"
},
{
"name": "FEDORA-2009-10845",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
"url": "http://secunia.com/advisories/37077",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37077"
},
{
"name": "RHSA-2009:1512",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html"
"url": "http://secunia.com/advisories/37079",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37079"
},
{
"name": "37114",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37114"
"url": "http://secunia.com/advisories/39327",
"refsource": "MISC",
"name": "http://secunia.com/advisories/39327"
},
{
"name": "37077",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37077"
"url": "http://secunia.com/advisories/39938",
"refsource": "MISC",
"name": "http://secunia.com/advisories/39938"
},
{
"name": "1023029",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023029"
"url": "http://www.debian.org/security/2010/dsa-2028",
"refsource": "MISC",
"name": "http://www.debian.org/security/2010/dsa-2028"
},
{
"name": "RHSA-2009:1503",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html"
"url": "http://www.debian.org/security/2010/dsa-2050",
"refsource": "MISC",
"name": "http://www.debian.org/security/2010/dsa-2050"
},
{
"name": "http://cgit.freedesktop.org/poppler/poppler/diff/?id=284a928996&id2=75c3466ba2",
"refsource": "CONFIRM",
"url": "http://cgit.freedesktop.org/poppler/poppler/diff/?id=284a928996&id2=75c3466ba2"
"url": "http://www.vupen.com/english/advisories/2009/2928",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/2928"
},
{
"name": "MDVSA-2011:175",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
"url": "http://www.vupen.com/english/advisories/2010/0802",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/0802"
},
{
"name": "oval:org.mitre.oval:def:10969",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10969"
"url": "http://www.vupen.com/english/advisories/2010/1220",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/1220"
},
{
"name": "37037",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37037"
"url": "https://access.redhat.com/errata/RHSA-2009:1501",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1501"
},
{
"name": "ADV-2010-1040",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1040"
"url": "https://access.redhat.com/errata/RHSA-2009:1502",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1502"
},
{
"name": "USN-850-3",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-850-3"
"url": "https://access.redhat.com/errata/RHSA-2009:1503",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1503"
},
{
"name": "ADV-2010-0802",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0802"
"url": "https://access.redhat.com/errata/RHSA-2009:1512",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1512"
},
{
"name": "RHSA-2009:1502",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
"url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
},
{
"name": "FEDORA-2010-1842",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
"url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
},
{
"name": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb2",
"refsource": "CONFIRM",
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb2"
"url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2009-1503.html"
},
{
"name": "RHSA-2009:1500",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html"
"url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2009-1512.html"
},
{
"name": "ADV-2009-2928",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2928"
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch",
"refsource": "MISC",
"name": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=526911",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=526911"
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
},
{
"name": "37023",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37023"
"url": "http://secunia.com/advisories/37114",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37114"
},
{
"name": "ADV-2009-2924",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2924"
"url": "http://secunia.com/advisories/37159",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37159"
},
{
"name": "MDVSA-2010:087",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
"url": "http://securitytracker.com/id?1023029",
"refsource": "MISC",
"name": "http://securitytracker.com/id?1023029"
},
{
"name": "274030",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1",
"refsource": "MISC",
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
},
{
"name": "ADV-2010-1220",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1220"
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1",
"refsource": "MISC",
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
},
{
"name": "USN-850-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-850-1"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
},
{
"name": "37053",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37053"
"url": "http://www.securityfocus.com/bid/36703",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/36703"
},
{
"name": "39327",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39327"
"url": "http://www.ubuntu.com/usn/USN-850-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-850-1"
},
{
"name": "37043",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37043"
"url": "http://www.ubuntu.com/usn/USN-850-3",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-850-3"
},
{
"name": "36703",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36703"
"url": "http://www.vupen.com/english/advisories/2009/2924",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/2924"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
},
{
"url": "http://secunia.com/advisories/37023",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37023"
},
{
"url": "https://access.redhat.com/errata/RHSA-2009:1500",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1500"
},
{
"url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2009-1500.html"
},
{
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb2",
"refsource": "MISC",
"name": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb2"
},
{
"url": "http://cgit.freedesktop.org/poppler/poppler/diff/?id=284a928996&id2=75c3466ba2",
"refsource": "MISC",
"name": "http://cgit.freedesktop.org/poppler/poppler/diff/?id=284a928996&id2=75c3466ba2"
},
{
"url": "http://secunia.com/advisories/37042",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37042"
},
{
"url": "http://site.pi3.com.pl/adv/xpdf.txt",
"refsource": "MISC",
"name": "http://site.pi3.com.pl/adv/xpdf.txt"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2009-3604",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-3604"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=526911",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=526911"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53795",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53795"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10969",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10969"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
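Review bot: The `problemtype` entry in this section lists only `CWE-190`, but the short description names two faults, "integer overflow and missing allocation return value check", so the unchecked-allocation path (the NULL pointer dereference mentioned in the longer description text) has no CWE. If the assigner agrees, a second entry such as `"cweId": "CWE-252"` or `"cweId": "CWE-476"` would cover it. Separately, the references that appear to be the new side all carry `"refsource": "MISC"` with `name` equal to `url`, which drops the advisory identifiers (`RHSA-2009:1501`, `DSA-2028`, `MDVSA-2009:287`) that tooling often keys on; the CVE-2009-3606 section shows the same flattening. The +/- markers are lost on this page, so which lines are the new side is inferred rather than certain.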


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-3606",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow."
"value": "CVE-2009-3606 xpdf/poppler: PSOutputDev::doImageL1Sep integer overflow"
}
]
},
@ -44,223 +21,333 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Integer Overflow or Wraparound",
"cweId": "CWE-190"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 3",
"version": {
"version_data": [
{
"version_value": "1:2.02-17.el3",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:2.8.2-7.7.2.el4_7.4",
"version_affected": "!"
},
{
"version_value": "1:3.00-22.el4_8.1",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:0.5.4-4.4.el5_3.9",
"version_affected": "!"
},
{
"version_value": "7:3.5.4-15.el5_4.2",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "39938",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39938"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "37042",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37042"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"name": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch",
"refsource": "CONFIRM",
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
"url": "http://www.vupen.com/english/advisories/2010/1040",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "DSA-1941",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1941"
"url": "https://access.redhat.com/errata/RHSA-2009:0458",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:0458"
},
{
"name": "MDVSA-2009:287",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
"url": "https://access.redhat.com/errata/RHSA-2009:0480",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:0480"
},
{
"name": "[oss-security] 20091201 Re: Need more information on recent poppler issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/12/01/6"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
},
{
"name": "FEDORA-2010-1377",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
},
{
"name": "FEDORA-2009-10823",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"
},
{
"name": "http://cgit.freedesktop.org/poppler/poppler/diff/poppler/PSOutputDev.cc?id=7b2d314a61",
"refsource": "CONFIRM",
"url": "http://cgit.freedesktop.org/poppler/poppler/diff/poppler/PSOutputDev.cc?id=7b2d314a61"
"url": "http://secunia.com/advisories/37037",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37037"
},
{
"name": "RHSA-2009:1501",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
"url": "http://secunia.com/advisories/37043",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37043"
},
{
"name": "SUSE-SR:2009:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
"url": "http://secunia.com/advisories/37053",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37053"
},
{
"name": "DSA-2028",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2028"
"url": "http://secunia.com/advisories/37077",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37077"
},
{
"name": "DSA-2050",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2050"
"url": "http://secunia.com/advisories/39327",
"refsource": "MISC",
"name": "http://secunia.com/advisories/39327"
},
{
"name": "oval:org.mitre.oval:def:11289",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11289"
"url": "http://secunia.com/advisories/39938",
"refsource": "MISC",
"name": "http://secunia.com/advisories/39938"
},
{
"name": "[oss-security] 20091130 Need more information on recent poppler issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/12/01/1"
"url": "http://www.debian.org/security/2010/dsa-2028",
"refsource": "MISC",
"name": "http://www.debian.org/security/2010/dsa-2028"
},
{
"name": "37159",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37159"
"url": "http://www.debian.org/security/2010/dsa-2050",
"refsource": "MISC",
"name": "http://www.debian.org/security/2010/dsa-2050"
},
{
"name": "FEDORA-2010-1805",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html"
"url": "http://www.vupen.com/english/advisories/2009/2928",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/2928"
},
{
"name": "1021706",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
"url": "http://www.vupen.com/english/advisories/2010/0802",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/0802"
},
{
"name": "FEDORA-2009-10845",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
"url": "http://www.vupen.com/english/advisories/2010/1220",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/1220"
},
{
"name": "oval:org.mitre.oval:def:7836",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7836"
"url": "https://access.redhat.com/errata/RHSA-2009:1501",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1501"
},
{
"name": "37077",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37077"
"url": "https://access.redhat.com/errata/RHSA-2009:1502",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1502"
},
{
"name": "1023029",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023029"
"url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
},
{
"name": "xpdf-psoutputdev-bo(53798)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53798"
"url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
},
{
"name": "MDVSA-2011:175",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch",
"refsource": "MISC",
"name": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch"
},
{
"name": "37037",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37037"
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
},
{
"name": "ADV-2010-1040",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1040"
"url": "http://secunia.com/advisories/37159",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37159"
},
{
"name": "ADV-2010-0802",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0802"
"url": "http://securitytracker.com/id?1023029",
"refsource": "MISC",
"name": "http://securitytracker.com/id?1023029"
},
{
"name": "RHSA-2009:1502",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1",
"refsource": "MISC",
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
},
{
"name": "FEDORA-2010-1842",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html"
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1",
"refsource": "MISC",
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
},
{
"name": "RHSA-2009:1500",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287"
},
{
"name": "ADV-2009-2928",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2928"
"url": "http://www.securityfocus.com/bid/36703",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/36703"
},
{
"name": "37023",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37023"
"url": "http://www.vupen.com/english/advisories/2009/2924",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/2924"
},
{
"name": "[oss-security] 20091130 Re: Need more information on recent poppler issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/12/01/5"
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
},
{
"name": "ADV-2009-2924",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2924"
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
},
{
"name": "MDVSA-2010:087",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
"url": "http://www.debian.org/security/2009/dsa-1941",
"refsource": "MISC",
"name": "http://www.debian.org/security/2009/dsa-1941"
},
{
"name": "274030",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
"url": "http://www.openwall.com/lists/oss-security/2009/12/01/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2009/12/01/1"
},
{
"name": "ADV-2010-1220",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1220"
"url": "http://www.openwall.com/lists/oss-security/2009/12/01/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2009/12/01/5"
},
{
"name": "37053",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37053"
"url": "http://www.openwall.com/lists/oss-security/2009/12/01/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2009/12/01/6"
},
{
"name": "39327",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39327"
"url": "http://secunia.com/advisories/37023",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37023"
},
{
"name": "37043",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37043"
"url": "https://access.redhat.com/errata/RHSA-2009:1500",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1500"
},
{
"name": "36703",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36703"
"url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2009-1500.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=526877",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=526877"
"url": "http://secunia.com/advisories/37042",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37042"
},
{
"url": "http://cgit.freedesktop.org/poppler/poppler/diff/poppler/PSOutputDev.cc?id=7b2d314a61",
"refsource": "MISC",
"name": "http://cgit.freedesktop.org/poppler/poppler/diff/poppler/PSOutputDev.cc?id=7b2d314a61"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2009-3606",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-3606"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=526877",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=526877"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53798",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53798"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11289",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11289"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7836",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7836"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 3.7,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
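Review bot: The `impact.cvss` entry scores this record as `AV:L/AC:H/Au:N/C:P/I:P/A:P` (`baseScore` 3.7), yet the longer description text in this section speaks of remote attackers and a crafted PDF document. The CVE-2009-3604 section, which references the same xpdf-3.02pl4 patch, is scored `AV:N/AC:M` (6.8). If the short title is the description that remains (the +/- markers are lost, so this is inferred), the record no longer states attack vector or impact in prose and this vector is the only severity signal a consumer gets, so it is worth confirming that `"accessVector": "LOCAL"` is intended. `"environmentalScore": 0` and `"temporalScore": 0` beside metrics that are all `NOT_DEFINED` read as computed zeros rather than absent scores; omitting them would be clearer.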


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-3607",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the create_surface_from_thumbnail_data function in glib/poppler-page.cc in Poppler 0.x allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information."
"value": "CVE-2009-3607 poppler: create_surface_from_thumbnail_data integer overflow"
}
]
},
@ -44,108 +21,138 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Integer Overflow or Wraparound",
"cweId": "CWE-190"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "DSA-1941",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1941"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"name": "[oss-security] 20091201 Re: Need more information on recent poppler issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/12/01/6"
"url": "http://secunia.com/advisories/37054",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37054"
},
{
"name": "FEDORA-2009-10823",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
"url": "http://secunia.com/advisories/37114",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37114"
},
{
"name": "36718",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36718"
"url": "http://secunia.com/advisories/37159",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37159"
},
{
"name": "[oss-security] 20091130 Need more information on recent poppler issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/12/01/1"
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1",
"refsource": "MISC",
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
},
{
"name": "poppler-createsurfacefromthumbnaildata-bo(53801)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53801"
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1",
"refsource": "MISC",
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
},
{
"name": "37159",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37159"
"url": "http://www.ubuntu.com/usn/USN-850-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-850-1"
},
{
"name": "37054",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37054"
"url": "http://www.ubuntu.com/usn/USN-850-3",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-850-3"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=526924",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=526924"
"url": "http://www.vupen.com/english/advisories/2009/2925",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2009/2925"
},
{
"name": "1021706",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1"
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html"
},
{
"name": "FEDORA-2009-10845",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html"
},
{
"name": "37114",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37114"
"url": "http://www.debian.org/security/2009/dsa-1941",
"refsource": "MISC",
"name": "http://www.debian.org/security/2009/dsa-1941"
},
{
"name": "MDVSA-2011:175",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
"url": "http://www.openwall.com/lists/oss-security/2009/12/01/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2009/12/01/1"
},
{
"name": "USN-850-3",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-850-3"
"url": "http://www.openwall.com/lists/oss-security/2009/12/01/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2009/12/01/5"
},
{
"name": "[oss-security] 20091130 Re: Need more information on recent poppler issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/12/01/5"
"url": "http://www.openwall.com/lists/oss-security/2009/12/01/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2009/12/01/6"
},
{
"name": "274030",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1"
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=c839b706",
"refsource": "MISC",
"name": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=c839b706"
},
{
"name": "USN-850-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-850-1"
"url": "http://www.securityfocus.com/bid/36718",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/36718"
},
{
"name": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=c839b706",
"refsource": "CONFIRM",
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=c839b706"
"url": "https://access.redhat.com/security/cve/CVE-2009-3607",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-3607"
},
{
"name": "ADV-2009-2925",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2925"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=526924",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=526924"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53801",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53801"
}
]
}
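Review bot: The description `value` in this section shrinks to the tracker title `CVE-2009-3607 poppler: create_surface_from_thumbnail_data integer overflow`, dropping the affected release ("Poppler 0.x"), the file `glib/poppler-page.cc`, the crafted-PDF vector and the heap-overflow / possible code-execution impact. Nothing structured replaces it: `affects` still reads `"product_name": "n/a"` with `"version_value": "n/a"`, and this record has no `impact` block. The reference rewrite also sets every `refsource` to `MISC` and every `name` to the URL, so advisory ids such as `DSA-1941` and `USN-850-1` can no longer be matched as strings. I would keep the original sentence as the description `value`, or as a second `description_data` entry, and keep the advisory ids in `name`. The CVE-2009-3620, CVE-2009-3623 and CVE-2009-3625 sections show the same pattern; the +/- markers are lost on this page, so old and new sides are inferred from the hunk counts.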


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-3620",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls."
"value": "CVE-2009-3620 kernel: r128 IOCTL NULL pointer dereferences when CCE state is uninitialised"
}
]
},
@ -44,148 +21,256 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "MRG for RHEL-5",
"version": {
"version_data": [
{
"version_value": "0:2.6.24.7-137.el5rt",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 3 Extended Lifecycle Support",
"version": {
"version_data": [
{
"version_value": "0:2.4.21-66.EL",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:2.6.9-89.0.18.EL",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-164.9.1.el5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20091019 Re: CVE request: kernel: r128 IOCTL NULL pointer dereferences when CCE state is uninitialised",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/10/19/3"
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html",
"refsource": "MISC",
"name": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
},
{
"name": "RHSA-2009:1671",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1671.html"
"url": "http://secunia.com/advisories/38794",
"refsource": "MISC",
"name": "http://secunia.com/advisories/38794"
},
{
"name": "36824",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36824"
"url": "http://secunia.com/advisories/38834",
"refsource": "MISC",
"name": "http://secunia.com/advisories/38834"
},
{
"name": "oval:org.mitre.oval:def:9891",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9891"
"url": "http://www.vupen.com/english/advisories/2010/0528",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/0528"
},
{
"name": "RHSA-2009:1540",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1540.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=529597",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529597"
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html"
},
{
"name": "SUSE-SA:2009:061",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html"
},
{
"name": "USN-864-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-864-1"
"url": "http://secunia.com/advisories/37909",
"refsource": "MISC",
"name": "http://secunia.com/advisories/37909"
},
{
"name": "38794",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38794"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0882.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0882.html"
},
{
"name": "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
"url": "http://www.ubuntu.com/usn/usn-864-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-864-1"
},
{
"name": "36707",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36707"
"url": "https://access.redhat.com/errata/RHSA-2010:0882",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0882"
},
{
"name": "MDVSA-2010:198",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html"
},
{
"name": "[linux-kernel] 20090921 [git pull] drm tree.",
"refsource": "MLIST",
"url": "http://article.gmane.org/gmane.linux.kernel/892259"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198"
},
{
"name": "MDVSA-2010:088",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:088"
"url": "https://access.redhat.com/errata/RHSA-2009:1540",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1540"
},
{
"name": "SUSE-SA:2010:012",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html"
"url": "https://rhn.redhat.com/errata/RHSA-2009-1540.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2009-1540.html"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.31-git11.log",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.31-git11.log"
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00190.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00190.html"
},
{
"name": "37909",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37909"
"url": "http://secunia.com/advisories/36707",
"refsource": "MISC",
"name": "http://secunia.com/advisories/36707"
},
{
"name": "oval:org.mitre.oval:def:6763",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6763"
"url": "http://www.redhat.com/support/errata/RHSA-2009-1671.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2009-1671.html"
},
{
"name": "RHSA-2010:0882",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0882.html"
"url": "https://access.redhat.com/errata/RHSA-2009:1671",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1671"
},
{
"name": "RHSA-2009:1670",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1670.html"
"url": "http://www.redhat.com/support/errata/RHSA-2009-1670.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2009-1670.html"
},
{
"name": "SUSE-SA:2009:064",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html"
"url": "https://access.redhat.com/errata/RHSA-2009:1670",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2009:1670"
},
{
"name": "[oss-security] 20091019 CVE request: kernel: r128 IOCTL NULL pointer dereferences when CCE state is uninitialised",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/10/19/1"
"url": "http://article.gmane.org/gmane.linux.kernel/892259",
"refsource": "MISC",
"name": "http://article.gmane.org/gmane.linux.kernel/892259"
},
{
"name": "38834",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38834"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7dc482dfeeeefcfd000d4271c4626937406756d7",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7dc482dfeeeefcfd000d4271c4626937406756d7"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7dc482dfeeeefcfd000d4271c4626937406756d7",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7dc482dfeeeefcfd000d4271c4626937406756d7"
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.31-git11.log",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.31-git11.log"
},
{
"name": "SUSE-SA:2010:013",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:088",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:088"
},
{
"name": "FEDORA-2009-11038",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00190.html"
"url": "http://www.openwall.com/lists/oss-security/2009/10/19/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2009/10/19/1"
},
{
"name": "ADV-2010-0528",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0528"
"url": "http://www.openwall.com/lists/oss-security/2009/10/19/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2009/10/19/3"
},
{
"url": "http://www.securityfocus.com/bid/36824",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/36824"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2009-3620",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-3620"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529597",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=529597"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6763",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6763"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9891",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9891"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.9,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}
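Review bot: Every entry in what appears to be the new `affects` block carries `"version_affected": "!"`, which in the CVE JSON 4.0 format marks a version as not affected, so values such as `0:2.6.18-164.9.1.el5` are the fixed Red Hat builds rather than vulnerable ones. A consumer that reads only `product_name` and `version_value` would flag patched hosts. Nothing else in the record states the vulnerable range once "before 2.6.31-git11" is dropped from the description. The shortened description also loses "or possibly gain privileges", leaving only the availability-only vector `AV:L/AC:L/Au:N/C:N/I:N/A:C`. I would keep the removed description sentence so the upstream boundary and the possible privilege impact stay in the record.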


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-3623",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The lookup_cb_cred function in fs/nfsd/nfs4callback.c in the nfsd4 subsystem in the Linux kernel before 2.6.31.2 attempts to access a credentials cache even when a client specifies the AUTH_NULL authentication flavor, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an NFSv4 mount request."
"value": "CVE-2009-3623 kernel: nfsd4: fix null dereference creating nfsv4 callback client"
}
]
},
@ -44,53 +21,108 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=886e3b7fe6054230c89ae078a09565ed183ecc73",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=886e3b7fe6054230c89ae078a09565ed183ecc73"
"url": "http://www.ubuntu.com/usn/usn-864-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-864-1"
},
{
"name": "USN-864-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-864-1"
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc1",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc1"
},
{
"name": "[oss-security] 20091022 CVE request: kernel: nfsd4: fix null dereference creating nfsv4 callback client",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=125618753029631&w=2"
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.2",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.2"
},
{
"name": "[oss-security] 20091022 Re: CVE request: kernel: nfsd4: fix null dereference creating nfsv4 callback client",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=125624036516377&w=2"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=80fc015bdfe1f5b870c1e1ee02d78e709523fee7",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=80fc015bdfe1f5b870c1e1ee02d78e709523fee7"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc1",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc1"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=886e3b7fe6054230c89ae078a09565ed183ecc73",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=886e3b7fe6054230c89ae078a09565ed183ecc73"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=530269",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530269"
"url": "http://marc.info/?l=oss-security&m=125618753029631&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=oss-security&m=125618753029631&w=2"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.2",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.2"
"url": "http://marc.info/?l=oss-security&m=125624036516377&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=oss-security&m=125624036516377&w=2"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=80fc015bdfe1f5b870c1e1ee02d78e709523fee7",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=80fc015bdfe1f5b870c1e1ee02d78e709523fee7"
"url": "https://access.redhat.com/security/cve/CVE-2009-3623",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-3623"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530269",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=530269"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}
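Review bot: The added `impact` block scores this record `AV:A/AC:L/Au:N/C:C/I:C/A:C` (8.3), with `"confidentialityImpact": "COMPLETE"` and `"integrityImpact": "COMPLETE"`. The only weakness listed is `CWE-476`, though, and the removed description gave a denial of service (NULL pointer dereference and system crash) as the impact. Anyone prioritising on `baseScore` will rank this above what the text supports, and the removed sentence said "remote attackers" where the vector says adjacent network. I would have the assigner confirm which is intended. If denial of service is the whole impact, both lines become `"NONE"` and `vectorString` and `baseScore` change with them; otherwise the description should name the confidentiality and integrity impact.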


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-3625",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in www/index.php in Sahana 0.6.2.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod parameter."
"value": "CVE-2009-3625 Sahana: Arbitrary files access due improper processing of URLs with null character in the string"
}
]
},
@ -44,48 +21,103 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
"cweId": "CWE-22"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=530255",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530255"
"url": "http://sahana.cvs.sourceforge.net/viewvc/sahana/sahana-phase2/www/index.php?r1=1.83&r2=1.84",
"refsource": "MISC",
"name": "http://sahana.cvs.sourceforge.net/viewvc/sahana/sahana-phase2/www/index.php?r1=1.83&r2=1.84"
},
{
"name": "https://fedorahosted.org/rel-eng/ticket/2635",
"refsource": "CONFIRM",
"url": "https://fedorahosted.org/rel-eng/ticket/2635"
"url": "http://sourceforge.net/mailarchive/forum.php?thread_name=5d9043b70910191044l4bb0178fs563a5128a0f5db01%40mail.gmail.com&forum_name=sahana-maindev",
"refsource": "MISC",
"name": "http://sourceforge.net/mailarchive/forum.php?thread_name=5d9043b70910191044l4bb0178fs563a5128a0f5db01%40mail.gmail.com&forum_name=sahana-maindev"
},
{
"name": "[oss-security] 20091022 CVE Request -- Sahana",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/10/22/3"
"url": "http://www.openwall.com/lists/oss-security/2009/10/22/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2009/10/22/3"
},
{
"name": "36826",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36826"
"url": "http://www.openwall.com/lists/oss-security/2009/10/22/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2009/10/22/6"
},
{
"name": "[oss-security] 20091022 Re: CVE Request -- Sahana",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/10/22/6"
"url": "http://www.securityfocus.com/bid/36826",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/36826"
},
{
"name": "http://sahana.cvs.sourceforge.net/viewvc/sahana/sahana-phase2/www/index.php?r1=1.83&r2=1.84",
"refsource": "CONFIRM",
"url": "http://sahana.cvs.sourceforge.net/viewvc/sahana/sahana-phase2/www/index.php?r1=1.83&r2=1.84"
"url": "https://access.redhat.com/security/cve/CVE-2009-3625",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2009-3625"
},
{
"name": "[sahana-maindev] 20091019 SEVERE Security Vulnerability in Sahana Identified and Patched",
"refsource": "MLIST",
"url": "http://sourceforge.net/mailarchive/forum.php?thread_name=5d9043b70910191044l4bb0178fs563a5128a0f5db01%40mail.gmail.com&forum_name=sahana-maindev"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530255",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=530255"
},
{
"url": "https://fedorahosted.org/rel-eng/ticket/2635",
"refsource": "MISC",
"name": "https://fedorahosted.org/rel-eng/ticket/2635"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
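Review bot: The replacement description names a different trigger from the text it replaces. The new `value` says "URLs with null character in the string", while the removed sentence described a `..` (dot dot) sequence in the `mod` parameter of `www/index.php`, and the added `cweId` is `CWE-22`. Someone writing an input filter or detection rule from this record cannot tell whether both inputs matter or only one. The new text also drops the affected release (Sahana 0.6.2.2) and the include-and-execute impact, although the vector keeps `C:P/I:P/A:P`. I would keep the removed sentence and add the null-character detail only once it is confirmed against the upstream change the record already references (`index.php?r1=1.83&r2=1.84`).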


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-2798",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact by renaming a file in a GFS2 filesystem, related to the gfs2_rename function in fs/gfs2/ops_inode.c."
"value": "CVE-2010-2798 kernel: gfs2: rename causes kernel panic"
}
]
},
@ -44,108 +21,200 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-194.17.1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5.3.Z - Server Only",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-128.23.1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5.4.Z - Server Only",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-164.25.1.el5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20100802 Re: CVE request: kernel: gfs2: rename cases kernel panic",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/08/02/10"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198"
},
{
"name": "RHSA-2010:0723",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0723.html"
"url": "http://www.debian.org/security/2010/dsa-2094",
"refsource": "MISC",
"name": "http://www.debian.org/security/2010/dsa-2094"
},
{
"name": "USN-1000-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1000-1"
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
"url": "http://www.ubuntu.com/usn/USN-1000-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1000-1"
},
{
"name": "46397",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46397"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html"
},
{
"name": "42124",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42124"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html"
},
{
"name": "MDVSA-2010:198",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198"
"url": "http://secunia.com/advisories/46397",
"refsource": "MISC",
"name": "http://secunia.com/advisories/46397"
},
{
"name": "RHSA-2010:0670",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0670.html"
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "RHSA-2010:0660",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0660.html"
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html",
"refsource": "MISC",
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "SUSE-SA:2010:040",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0660.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0660.html"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0670.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0670.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=620300",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=620300"
"url": "https://access.redhat.com/errata/RHSA-2010:0660",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0660"
},
{
"name": "1024386",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024386"
"url": "https://access.redhat.com/errata/RHSA-2010:0670",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0670"
},
{
"name": "[oss-security] 20100802 CVE request: kernel: gfs2: rename cases kernel panic",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/08/02/1"
"url": "http://support.avaya.com/css/P8/documents/100113326",
"refsource": "MISC",
"name": "http://support.avaya.com/css/P8/documents/100113326"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0723.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0723.html"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=728a756b8fcd22d80e2dbba8117a8a3aafd3f203",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=728a756b8fcd22d80e2dbba8117a8a3aafd3f203"
"url": "https://access.redhat.com/errata/RHSA-2010:0723",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0723"
},
{
"name": "http://support.avaya.com/css/P8/documents/100113326",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100113326"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=728a756b8fcd22d80e2dbba8117a8a3aafd3f203",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=728a756b8fcd22d80e2dbba8117a8a3aafd3f203"
},
{
"name": "DSA-2094",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2094"
"url": "http://securitytracker.com/id?1024386",
"refsource": "MISC",
"name": "http://securitytracker.com/id?1024386"
},
{
"name": "SUSE-SA:2010:054",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html"
"url": "http://www.openwall.com/lists/oss-security/2010/08/02/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/08/02/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2010/08/02/10",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/08/02/10"
},
{
"url": "http://www.securityfocus.com/bid/42124",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/42124"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-2798",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-2798"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=620300",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=620300"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-2806",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based buffer overflow."
"value": "CVE-2010-2806 FreeType: Heap-based buffer overflow by processing FontType42 fonts with negative length of SFNT strings (FT bug #30656)"
}
]
},
@ -44,138 +21,241 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 3",
"version": {
"version_data": [
{
"version_value": "0:2.1.4-18.el3",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:2.1.9-17.el4.8",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.2.1-28.el5_5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.3.11-6.el6_0.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "ADV-2010-3045",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3045"
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name": "http://support.apple.com/kb/HT4435",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4435"
"url": "http://support.apple.com/kb/HT4435",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT4435"
},
{
"name": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019"
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
},
{
"name": "http://support.apple.com/kb/HT4457",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4457"
"url": "http://secunia.com/advisories/42314",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42314"
},
{
"name": "ADV-2010-2018",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2018"
"url": "http://secunia.com/advisories/42317",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42317"
},
{
"name": "ADV-2010-3046",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3046"
"url": "http://support.apple.com/kb/HT4456",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT4456"
},
{
"name": "RHSA-2010:0737",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0737.html"
"url": "http://support.apple.com/kb/HT4457",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT4457"
},
{
"name": "USN-972-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-972-1"
"url": "http://www.vupen.com/english/advisories/2010/3045",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/3045"
},
{
"name": "APPLE-SA-2010-11-10-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
"url": "http://www.vupen.com/english/advisories/2010/3046",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/3046"
},
{
"name": "[oss-security] 20100806 Re: CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts + three more",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=128111955616772&w=2"
"url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2",
"refsource": "MISC",
"name": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2"
},
{
"name": "42317",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42317"
"url": "http://secunia.com/advisories/40982",
"refsource": "MISC",
"name": "http://secunia.com/advisories/40982"
},
{
"name": "40816",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40816"
"url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view",
"refsource": "MISC",
"name": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view"
},
{
"name": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2",
"refsource": "CONFIRM",
"url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2"
"url": "http://www.ubuntu.com/usn/USN-972-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-972-1"
},
{
"name": "https://savannah.nongnu.org/bugs/?30656",
"refsource": "CONFIRM",
"url": "https://savannah.nongnu.org/bugs/?30656"
"url": "http://www.vupen.com/english/advisories/2010/2106",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/2106"
},
{
"name": "42314",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42314"
"url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019"
},
{
"name": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view"
"url": "http://marc.info/?l=oss-security&m=128111955616772&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=oss-security&m=128111955616772&w=2"
},
{
"name": "RHSA-2010:0864",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0864.html"
"url": "http://secunia.com/advisories/40816",
"refsource": "MISC",
"name": "http://secunia.com/advisories/40816"
},
{
"name": "40982",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40982"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0864.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0864.html"
},
{
"name": "ADV-2010-2106",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2106"
"url": "http://www.securityfocus.com/bid/42285",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/42285"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=621980",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=621980"
"url": "http://www.vupen.com/english/advisories/2010/2018",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/2018"
},
{
"name": "http://support.apple.com/kb/HT4456",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4456"
"url": "https://access.redhat.com/errata/RHSA-2010:0864",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0864"
},
{
"name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=c06da1ad34663da7b6fc39b030dc3ae185b96557",
"refsource": "CONFIRM",
"url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=c06da1ad34663da7b6fc39b030dc3ae185b96557"
"url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=c06da1ad34663da7b6fc39b030dc3ae185b96557",
"refsource": "MISC",
"name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=c06da1ad34663da7b6fc39b030dc3ae185b96557"
},
{
"name": "42285",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42285"
"url": "https://access.redhat.com/errata/RHSA-2010:0736",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0736"
},
{
"name": "APPLE-SA-2010-11-22-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
"url": "https://access.redhat.com/errata/RHSA-2010:0737",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0737"
},
{
"name": "RHSA-2010:0736",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0736.html"
"url": "https://access.redhat.com/security/cve/CVE-2010-2806",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-2806"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=621980",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=621980"
},
{
"url": "https://rhn.redhat.com/errata/RHSA-2010-0736.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2010-0736.html"
},
{
"url": "https://rhn.redhat.com/errata/RHSA-2010-0737.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2010-0737.html"
},
{
"url": "https://savannah.nongnu.org/bugs/?30656",
"refsource": "MISC",
"name": "https://savannah.nongnu.org/bugs/?30656"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
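Review bot: The new `description_data` value is a bug-tracker title (`CVE-2010-2806 FreeType: Heap-based buffer overflow by processing FontType42 fonts ...`) and drops what the previous sentence gave a reader for triage: the function `t42_parse_sfnts` in `type42/t42parse.c`, the fixed upstream release ("FreeType before 2.4.2"), and the stated impact. The rebuilt `affects` block lists only Red Hat Enterprise Linux package versions, each with `"version_affected": "!"`, which in this format appears to mark a version that is not affected, so the record no longer names an affected upstream version anywhere. I would keep the previous sentence as the `value` and carry the tracker title separately if it is needed. The same replacement appears in the CVE-2010-2808, CVE-2010-2942 and CVE-2010-2948 sections that follow.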


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-2808",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka LWFN) font."
"value": "CVE-2010-2808 FreeType: Stack-based buffer overflow by processing certain LWFN fonts"
}
]
},
@ -44,138 +21,225 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Stack-based Buffer Overflow",
"cweId": "CWE-121"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:2.1.9-17.el4.8",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.2.1-28.el5_5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.3.11-6.el6_0.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=81f3472c0ba7b8f6466e2e214fa8c1c17fade975",
"refsource": "CONFIRM",
"url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=81f3472c0ba7b8f6466e2e214fa8c1c17fade975"
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name": "ADV-2010-3045",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3045"
"url": "http://support.apple.com/kb/HT4435",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT4435"
},
{
"name": "https://savannah.nongnu.org/bugs/?30658",
"refsource": "CONFIRM",
"url": "https://savannah.nongnu.org/bugs/?30658"
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
},
{
"name": "http://support.apple.com/kb/HT4435",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4435"
"url": "http://secunia.com/advisories/42314",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42314"
},
{
"name": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019"
"url": "http://secunia.com/advisories/42317",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42317"
},
{
"name": "http://support.apple.com/kb/HT4457",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4457"
"url": "http://support.apple.com/kb/HT4456",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT4456"
},
{
"name": "ADV-2010-2018",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2018"
"url": "http://support.apple.com/kb/HT4457",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT4457"
},
{
"name": "ADV-2010-3046",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3046"
"url": "http://www.vupen.com/english/advisories/2010/3045",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/3045"
},
{
"name": "RHSA-2010:0737",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0737.html"
"url": "http://www.vupen.com/english/advisories/2010/3046",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/3046"
},
{
"name": "USN-972-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-972-1"
"url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2",
"refsource": "MISC",
"name": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2"
},
{
"name": "APPLE-SA-2010-11-10-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
"url": "http://secunia.com/advisories/40982",
"refsource": "MISC",
"name": "http://secunia.com/advisories/40982"
},
{
"name": "[oss-security] 20100806 Re: CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts + three more",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=128111955616772&w=2"
"url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view",
"refsource": "MISC",
"name": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view"
},
{
"name": "42317",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42317"
"url": "http://www.ubuntu.com/usn/USN-972-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-972-1"
},
{
"name": "40816",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40816"
"url": "http://www.vupen.com/english/advisories/2010/2106",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/2106"
},
{
"name": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2",
"refsource": "CONFIRM",
"url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2"
"url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019"
},
{
"name": "42314",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42314"
"url": "http://marc.info/?l=oss-security&m=128111955616772&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=oss-security&m=128111955616772&w=2"
},
{
"name": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view"
"url": "http://secunia.com/advisories/40816",
"refsource": "MISC",
"name": "http://secunia.com/advisories/40816"
},
{
"name": "RHSA-2010:0864",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0864.html"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0864.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0864.html"
},
{
"name": "40982",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40982"
"url": "http://www.securityfocus.com/bid/42285",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/42285"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=621907",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=621907"
"url": "http://www.vupen.com/english/advisories/2010/2018",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/2018"
},
{
"name": "ADV-2010-2106",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2106"
"url": "https://access.redhat.com/errata/RHSA-2010:0864",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0864"
},
{
"name": "[oss-security] 20100806 CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=128110167119337&w=2"
"url": "https://access.redhat.com/errata/RHSA-2010:0737",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0737"
},
{
"name": "http://support.apple.com/kb/HT4456",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4456"
"url": "https://rhn.redhat.com/errata/RHSA-2010-0737.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2010-0737.html"
},
{
"name": "42285",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42285"
"url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=81f3472c0ba7b8f6466e2e214fa8c1c17fade975",
"refsource": "MISC",
"name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=81f3472c0ba7b8f6466e2e214fa8c1c17fade975"
},
{
"name": "APPLE-SA-2010-11-22-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
"url": "http://marc.info/?l=oss-security&m=128110167119337&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=oss-security&m=128110167119337&w=2"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-2808",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-2808"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=621907",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=621907"
},
{
"url": "https://savannah.nongnu.org/bugs/?30658",
"refsource": "MISC",
"name": "https://savannah.nongnu.org/bugs/?30658"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-2942",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors related to (1) the tcf_gact_dump function in net/sched/act_gact.c, (2) the tcf_mirred_dump function in net/sched/act_mirred.c, (3) the tcf_nat_dump function in net/sched/act_nat.c, (4) the tcf_simp_dump function in net/sched/act_simple.c, and (5) the tcf_skbedit_dump function in net/sched/act_skbedit.c."
"value": "CVE-2010-2942 kernel: net sched: fix some kernel memory leaks"
}
]
},
@ -44,128 +21,220 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Missing Release of Memory after Effective Lifetime",
"cweId": "CWE-401"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "MRG for RHEL-5",
"version": {
"version_data": [
{
"version_value": "0:2.6.33.7-rt29.45.el5rt",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:2.6.9-89.31.1.EL",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-194.17.1.el5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=624903",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=624903"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html"
},
{
"name": "RHSA-2010:0723",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0723.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"
},
{
"name": "USN-1000-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1000-1"
"url": "http://www.ubuntu.com/usn/USN-1000-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1000-1"
},
{
"name": "SUSE-SA:2010:041",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.html"
"url": "http://www.vupen.com/english/advisories/2011/0298",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0298"
},
{
"name": "RHSA-2010:0771",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0771.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html"
},
{
"name": "46397",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46397"
"url": "http://secunia.com/advisories/46397",
"refsource": "MISC",
"name": "http://secunia.com/advisories/46397"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commit;h=1c40be12f7d8ca1d387510d39787b12e512a7ce8",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commit;h=1c40be12f7d8ca1d387510d39787b12e512a7ce8"
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc2",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc2"
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html",
"refsource": "MISC",
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "SUSE-SA:2010:040",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html"
"url": "https://access.redhat.com/errata/RHSA-2010:0771",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0771"
},
{
"name": "ADV-2010-2430",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2430"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0771.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0771.html"
},
{
"name": "SUSE-SA:2011:007",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"
"url": "http://support.avaya.com/css/P8/documents/100113326",
"refsource": "MISC",
"name": "http://support.avaya.com/css/P8/documents/100113326"
},
{
"name": "SUSE-SA:2010:060",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0723.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0723.html"
},
{
"name": "ADV-2011-0298",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0298"
"url": "https://access.redhat.com/errata/RHSA-2010:0723",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0723"
},
{
"name": "http://patchwork.ozlabs.org/patch/61857/",
"refsource": "CONFIRM",
"url": "http://patchwork.ozlabs.org/patch/61857/"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.html"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
"url": "http://secunia.com/advisories/41512",
"refsource": "MISC",
"name": "http://secunia.com/advisories/41512"
},
{
"name": "http://support.avaya.com/css/P8/documents/100113326",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100113326"
"url": "http://www.vupen.com/english/advisories/2010/2430",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/2430"
},
{
"name": "[oss-security] 20100818 CVE request - kernel: net sched memleak",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/08/18/1"
"url": "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=1c40be12f7d8ca1d387510d39787b12e512a7ce8",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=1c40be12f7d8ca1d387510d39787b12e512a7ce8"
},
{
"name": "42529",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42529"
"url": "http://patchwork.ozlabs.org/patch/61857/",
"refsource": "MISC",
"name": "http://patchwork.ozlabs.org/patch/61857/"
},
{
"name": "[oss-security] 20100819 Re: CVE request - kernel: net sched memleak",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/08/19/4"
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc2",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc2"
},
{
"name": "SUSE-SA:2010:054",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html"
"url": "http://www.openwall.com/lists/oss-security/2010/08/18/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/08/18/1"
},
{
"name": "41512",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41512"
"url": "http://www.openwall.com/lists/oss-security/2010/08/19/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/08/19/4"
},
{
"name": "RHSA-2010:0779",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0779.html"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0779.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0779.html"
},
{
"url": "http://www.securityfocus.com/bid/42529",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/42529"
},
{
"url": "https://access.redhat.com/errata/RHSA-2010:0779",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0779"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-2942",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-2942"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=624903",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=624903"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
]
}
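Review bot: The added `"cweId": "CWE-401"` ("Missing Release of Memory after Effective Lifetime") does not match the flaw that the replaced description states: structure members left uninitialized in the `tcf_*_dump` functions, which lets local users read kernel memory. The CVSS vector in this record, `AV:L/AC:L/Au:N/C:P/I:N/A:N`, is confidentiality-only, which fits an information disclosure rather than an allocation leak; the "memory leaks" wording of the new title seems to have been read as a resource leak. A closer fit would be `"cweId": "CWE-908"` (Use of Uninitialized Resource) or `"cweId": "CWE-200"`, with the `value` text changed to match. Consumers that filter or prioritise on CWE would otherwise class this record as a resource-exhaustion issue.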


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-2948",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the bgp_route_refresh_receive function in bgp_packet.c in bgpd in Quagga before 0.99.17 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a malformed Outbound Route Filtering (ORF) record in a BGP ROUTE-REFRESH (RR) message."
"value": "CVE-2010-2948 Quagga (bgpd): Stack buffer overflow by processing certain Route-Refresh messages"
}
]
},
@ -44,128 +21,215 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Stack-based Buffer Overflow",
"cweId": "CWE-121"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:0.98.3-4.el4_8.1",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:0.98.6-5.el5_5.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:0.99.15-5.el6_0.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "ADV-2010-2304",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2304"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"
},
{
"name": "42635",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42635"
"url": "http://secunia.com/advisories/42397",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42397"
},
{
"name": "42498",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42498"
"url": "http://www.vupen.com/english/advisories/2010/3097",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/3097"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=626783",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=626783"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0785.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0785.html"
},
{
"name": "[oss-security] 20100824 CVE Request -- Quagga (bgpd) [two ids] -- 1, Stack buffer overflow by processing crafted Refresh-Route msgs 2, NULL ptr deref by parsing certain AS paths by BGP update request",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/08/24/3"
"url": "https://access.redhat.com/errata/RHSA-2010:0785",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0785"
},
{
"name": "41238",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41238"
"url": "http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=d64379e8f3c0636df53ed08d5b2f1946cfedd0e3",
"refsource": "MISC",
"name": "http://code.quagga.net/?p=quagga.git%3Ba=commit%3Bh=d64379e8f3c0636df53ed08d5b2f1946cfedd0e3"
},
{
"name": "SUSE-SR:2010:022",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html"
},
{
"name": "http://code.quagga.net/?p=quagga.git;a=commit;h=d64379e8f3c0636df53ed08d5b2f1946cfedd0e3",
"refsource": "CONFIRM",
"url": "http://code.quagga.net/?p=quagga.git;a=commit;h=d64379e8f3c0636df53ed08d5b2f1946cfedd0e3"
"url": "http://secunia.com/advisories/41038",
"refsource": "MISC",
"name": "http://secunia.com/advisories/41038"
},
{
"name": "41038",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41038"
"url": "http://secunia.com/advisories/41238",
"refsource": "MISC",
"name": "http://secunia.com/advisories/41238"
},
{
"name": "GLSA-201202-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201202-02.xml"
"url": "http://secunia.com/advisories/42446",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42446"
},
{
"name": "42397",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42397"
"url": "http://secunia.com/advisories/42498",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42498"
},
{
"name": "DSA-2104",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2104"
"url": "http://secunia.com/advisories/48106",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48106"
},
{
"name": "USN-1027-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1027-1"
"url": "http://security.gentoo.org/glsa/glsa-201202-02.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201202-02.xml"
},
{
"name": "42446",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42446"
"url": "http://www.debian.org/security/2010/dsa-2104",
"refsource": "MISC",
"name": "http://www.debian.org/security/2010/dsa-2104"
},
{
"name": "SUSE-SU-2011:1316",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:174",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:174"
},
{
"name": "MDVSA-2010:174",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:174"
"url": "http://www.openwall.com/lists/oss-security/2010/08/24/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/08/24/3"
},
{
"name": "48106",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48106"
"url": "http://www.openwall.com/lists/oss-security/2010/08/25/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/08/25/4"
},
{
"name": "ADV-2010-3097",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3097"
"url": "http://www.quagga.net/news2.php?y=2010&m=8&d=19",
"refsource": "MISC",
"name": "http://www.quagga.net/news2.php?y=2010&m=8&d=19"
},
{
"name": "[oss-security] 20100825 Re: CVE Request -- Quagga (bgpd) [two ids] -- 1, Stack buffer overflow by processing crafted Refresh-Route msgs 2, NULL ptr deref by parsing certain AS paths by BGP update request",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/08/25/4"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0945.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0945.html"
},
{
"name": "RHSA-2010:0785",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0785.html"
"url": "http://www.securityfocus.com/bid/42635",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/42635"
},
{
"name": "RHSA-2010:0945",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0945.html"
"url": "http://www.ubuntu.com/usn/USN-1027-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1027-1"
},
{
"name": "http://www.quagga.net/news2.php?y=2010&m=8&d=19",
"refsource": "CONFIRM",
"url": "http://www.quagga.net/news2.php?y=2010&m=8&d=19"
"url": "http://www.vupen.com/english/advisories/2010/2304",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/2304"
},
{
"name": "ADV-2010-3124",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3124"
"url": "http://www.vupen.com/english/advisories/2010/3124",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/3124"
},
{
"url": "https://access.redhat.com/errata/RHSA-2010:0945",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0945"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-2948",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-2948"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=626783",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=626783"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
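Review bot: The quagga.net reference rewritten in this section percent-encodes the `;` separators of the gitweb query (`?p=quagga.git%3Ba=commit%3Bh=…`), and a reserved character is not equivalent to its encoded form, so the link to the upstream fix commit probably no longer resolves to that commit. The other copy of this entry in the same section keeps them literal; I would keep `"url": "http://code.quagga.net/?p=quagga.git;a=commit;h=d64379e8f3c0636df53ed08d5b2f1946cfedd0e3"` and the matching `name`. The same encoding shows up in the git.kernel.org references of the CVE-2010-2954 and CVE-2010-3078 sections. These are the entries a reader uses to trace a record back to its patch, so a sync step that normalises URLs should leave reserved query characters alone.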


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-2954",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The irda_bind function in net/irda/af_irda.c in the Linux kernel before 2.6.36-rc3-next-20100901 does not properly handle failure of the irda_open_tsap function, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact via multiple unsuccessful calls to bind on an AF_IRDA (aka PF_IRDA) socket."
"value": "CVE-2010-2954 kernel: NULL deref and panic in irda"
}
]
},
@ -44,98 +21,153 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "USN-1000-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1000-1"
},
{
"name": "SUSE-SA:2010:041",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.html"
},
{
"name": "41234",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41234"
},
{
"name": "http://twitter.com/taviso/statuses/22635752128",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html",
"refsource": "MISC",
"url": "http://twitter.com/taviso/statuses/22635752128"
"name": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"
},
{
"name": "kernel-irdabind-dos(61522)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61522"
"url": "http://www.ubuntu.com/usn/USN-1000-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1000-1"
},
{
"name": "ADV-2010-2430",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2430"
"url": "http://www.vupen.com/english/advisories/2011/0298",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0298"
},
{
"name": "[oss-security] 20100901 CVE-2010-2954 kernel: irda null ptr deref",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=128331787923285&w=2"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html"
},
{
"name": "SUSE-SA:2011:007",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html"
},
{
"name": "[netdev] 20100830 [PATCH] irda: Correctly clean up self->ias_obj on irda_bind() failure.",
"refsource": "MLIST",
"url": "http://www.spinics.net/lists/netdev/msg139404.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=628770",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=628770"
"url": "http://secunia.com/advisories/41512",
"refsource": "MISC",
"name": "http://secunia.com/advisories/41512"
},
{
"name": "ADV-2011-0298",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0298"
"url": "http://www.vupen.com/english/advisories/2010/2430",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/2430"
},
{
"name": "SUSE-SA:2010:050",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html"
"url": "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=628e300cccaa628d8fb92aa28cb7530a3d5f2257",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=628e300cccaa628d8fb92aa28cb7530a3d5f2257"
},
{
"name": "ADV-2010-2266",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2266"
"url": "http://marc.info/?l=oss-security&m=128331787923285&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=oss-security&m=128331787923285&w=2"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.36-rc3-next-20100901.bz2",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.36-rc3-next-20100901.bz2"
"url": "http://secunia.com/advisories/41234",
"refsource": "MISC",
"name": "http://secunia.com/advisories/41234"
},
{
"name": "SUSE-SA:2010:054",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html"
"url": "http://twitter.com/taviso/statuses/22635752128",
"refsource": "MISC",
"name": "http://twitter.com/taviso/statuses/22635752128"
},
{
"name": "41512",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41512"
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.36-rc3-next-20100901.bz2",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.36-rc3-next-20100901.bz2"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commit;h=628e300cccaa628d8fb92aa28cb7530a3d5f2257",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commit;h=628e300cccaa628d8fb92aa28cb7530a3d5f2257"
"url": "http://www.spinics.net/lists/netdev/msg139404.html",
"refsource": "MISC",
"name": "http://www.spinics.net/lists/netdev/msg139404.html"
},
{
"url": "http://www.vupen.com/english/advisories/2010/2266",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/2266"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-2954",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-2954"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=628770",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=628770"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61522",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61522"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.9,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3078",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an ioctl call."
"value": "CVE-2010-3078 kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leak"
}
]
},
@ -44,128 +21,204 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Missing Release of Memory after Effective Lifetime",
"cweId": "CWE-401"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-194.26.1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-71.14.1.el6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20100907 CVE request: kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leak",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/09/07/1"
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"
},
{
"name": "USN-1000-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1000-1"
"url": "http://www.ubuntu.com/usn/USN-1000-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1000-1"
},
{
"name": "SUSE-SA:2010:041",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.html"
"url": "http://www.vupen.com/english/advisories/2011/0298",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0298"
},
{
"name": "[xfs-masters] 20100906 [PATCH] xfs: prevent reading uninitialized stack memory",
"refsource": "MLIST",
"url": "http://www.linux.sgi.com/archives/xfs-masters/2010-09/msg00002.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a122eb2fdfd78b58c6dd992d6f4b1aaef667eef9",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a122eb2fdfd78b58c6dd992d6f4b1aaef667eef9"
"url": "http://secunia.com/advisories/42890",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42890"
},
{
"name": "46397",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46397"
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc4",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc4"
},
{
"name": "RHSA-2011:0007",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0007.html"
"url": "http://www.redhat.com/support/errata/RHSA-2011-0007.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2011-0007.html"
},
{
"name": "ADV-2010-2430",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2430"
"url": "https://access.redhat.com/errata/RHSA-2011:0007",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0007"
},
{
"name": "SUSE-SA:2011:007",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"
"url": "http://secunia.com/advisories/46397",
"refsource": "MISC",
"name": "http://secunia.com/advisories/46397"
},
{
"name": "ADV-2011-0298",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0298"
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "SUSE-SA:2010:050",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html"
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html",
"refsource": "MISC",
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "RHSA-2010:0839",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0839.html"
"url": "https://access.redhat.com/errata/RHSA-2010:0839",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0839"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.html"
},
{
"name": "[oss-security] 20100907 Re: CVE request: kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leak",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/09/07/12"
"url": "http://secunia.com/advisories/41512",
"refsource": "MISC",
"name": "http://secunia.com/advisories/41512"
},
{
"name": "42890",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42890"
"url": "http://www.vupen.com/english/advisories/2010/2430",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/2430"
},
{
"name": "1024418",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024418"
"url": "http://www.redhat.com/support/errata/RHSA-2010-0839.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2010-0839.html"
},
{
"name": "41284",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41284"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a122eb2fdfd78b58c6dd992d6f4b1aaef667eef9",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a122eb2fdfd78b58c6dd992d6f4b1aaef667eef9"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=630804",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=630804"
"url": "http://secunia.com/advisories/41284",
"refsource": "MISC",
"name": "http://secunia.com/advisories/41284"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc4",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc4"
"url": "http://securitytracker.com/id?1024418",
"refsource": "MISC",
"name": "http://securitytracker.com/id?1024418"
},
{
"name": "SUSE-SA:2010:054",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html"
"url": "http://www.linux.sgi.com/archives/xfs-masters/2010-09/msg00002.html",
"refsource": "MISC",
"name": "http://www.linux.sgi.com/archives/xfs-masters/2010-09/msg00002.html"
},
{
"name": "43022",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/43022"
"url": "http://www.openwall.com/lists/oss-security/2010/09/07/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/09/07/1"
},
{
"name": "41512",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41512"
"url": "http://www.openwall.com/lists/oss-security/2010/09/07/12",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/09/07/12"
},
{
"url": "http://www.securityfocus.com/bid/43022",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/43022"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-3078",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-3078"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=630804",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=630804"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
]
}
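Review bot: The problem type added in this section, `"cweId": "CWE-401"` (Missing Release of Memory after Effective Lifetime), does not match the flaw the record describes: the longer description in the same section says xfs_ioc_fsgetxattr leaves a structure member uninitialized and exposes kernel stack memory to local users, which is an information disclosure and not a failure to free memory. The CVSS vector in the `impact` block, `AV:L/AC:L/Au:N/C:P/I:N/A:N`, agrees with that reading, since it scores confidentiality only. The "memory leak" wording of the short title seems to have driven the mapping. I would use `"value": "Use of Uninitialized Resource", "cweId": "CWE-908"` here; otherwise CWE-based triage will file this with resource-exhaustion bugs.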


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1586",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the KGetMetalink::File::isValidNameAttr function in ui/metalinkcreator/metalinker.cpp in KGet in KDE SC 4.6.2 and earlier allows remote attackers to create arbitrary files via a .. (dot dot) in the name attribute of a file element in a metalink file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1000."
"value": "CVE-2011-1586 kdenetwork: incomplete fix for CVE-2010-1000"
}
]
},
@ -44,88 +21,148 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
"cweId": "CWE-22"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "7:4.3.4-11.el6_0.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://launchpad.net/bugs/757526",
"refsource": "CONFIRM",
"url": "https://launchpad.net/bugs/757526"
"url": "http://openwall.com/lists/oss-security/2011/04/15/9",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2011/04/15/9"
},
{
"name": "http://websvn.kde.org/branches/KDE/4.4/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227468&r2=1227467&pathrev=1227468",
"refsource": "CONFIRM",
"url": "http://websvn.kde.org/branches/KDE/4.4/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227468&r2=1227467&pathrev=1227468"
"url": "http://secunia.com/advisories/44124",
"refsource": "MISC",
"name": "http://secunia.com/advisories/44124"
},
{
"name": "http://websvn.kde.org/branches/KDE/4.6/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227471&r2=1227470&pathrev=1227471",
"refsource": "CONFIRM",
"url": "http://websvn.kde.org/branches/KDE/4.6/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227471&r2=1227470&pathrev=1227471"
"url": "http://secunia.com/advisories/44329",
"refsource": "MISC",
"name": "http://secunia.com/advisories/44329"
},
{
"name": "44124",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44124"
"url": "http://websvn.kde.org/branches/KDE/4.4/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227468&r2=1227467&pathrev=1227468",
"refsource": "MISC",
"name": "http://websvn.kde.org/branches/KDE/4.4/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227468&r2=1227467&pathrev=1227468"
},
{
"name": "[oss-security] 20110415 Re: CVE Request: incomplete fix for CVE-2010-1000 in KDE network",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/04/15/9"
"url": "http://websvn.kde.org/branches/KDE/4.5/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227469&r2=1227468&pathrev=1227469",
"refsource": "MISC",
"name": "http://websvn.kde.org/branches/KDE/4.5/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227469&r2=1227468&pathrev=1227469"
},
{
"name": "ADV-2011-1135",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/1135"
"url": "http://websvn.kde.org/branches/KDE/4.6/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227471&r2=1227470&pathrev=1227471",
"refsource": "MISC",
"name": "http://websvn.kde.org/branches/KDE/4.6/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227471&r2=1227470&pathrev=1227471"
},
{
"name": "RHSA-2011:0465",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0465.html"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:081",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:081"
},
{
"name": "ADV-2011-1019",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/1019"
"url": "http://www.redhat.com/support/errata/RHSA-2011-0465.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2011-0465.html"
},
{
"name": "44329",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44329"
"url": "http://www.ubuntu.com/usn/usn-1114-1/",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/usn-1114-1/"
},
{
"name": "http://websvn.kde.org/branches/KDE/4.5/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227469&r2=1227468&pathrev=1227469",
"refsource": "CONFIRM",
"url": "http://websvn.kde.org/branches/KDE/4.5/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227469&r2=1227468&pathrev=1227469"
"url": "http://www.vupen.com/english/advisories/2011/1019",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/1019"
},
{
"name": "ADV-2011-1021",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/1021"
"url": "http://www.vupen.com/english/advisories/2011/1021",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/1021"
},
{
"name": "MDVSA-2011:081",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:081"
"url": "http://www.vupen.com/english/advisories/2011/1135",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/1135"
},
{
"name": "USN-1114-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-1114-1/"
"url": "https://access.redhat.com/errata/RHSA-2011:0465",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0465"
},
{
"name": "kget-name-directory-traversal(66826)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66826"
"url": "https://access.redhat.com/security/cve/CVE-2011-1586",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-1586"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=697042",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=697042"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=697042",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=697042"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66826",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66826"
},
{
"url": "https://launchpad.net/bugs/757526",
"refsource": "MISC",
"name": "https://launchpad.net/bugs/757526"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
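Review bot: The description value in this section that reads `CVE-2011-1586 kdenetwork: incomplete fix for CVE-2010-1000` does not say what the vulnerability is; a reader has to look up another record to learn that it is a directory traversal in KGet's metalink handling. The longer text alongside it names the function, the affected releases (KDE SC 4.6.2 and earlier) and the `..` in the `name` attribute as the trigger, and none of that is carried by the `affects` block, which lists only a Red Hat Enterprise Linux 6 package. If the short title is the value that remains, I would keep the full sentence as the description and put the tracker title elsewhere. The descriptions in the CVE-2010-2948, CVE-2010-2954 and CVE-2010-3078 sections are shortened in the same way.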


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1590",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file."
"value": "CVE-2011-1590 Wireshark: Use-after-free causes heap-based buffer overflow in X.509if dissector"
}
]
},
@ -44,128 +21,193 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:1.2.15-2.el6_2.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5793",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5793"
"url": "http://secunia.com/advisories/45149",
"refsource": "MISC",
"name": "http://secunia.com/advisories/45149"
},
{
"name": "MDVSA-2011:083",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:083"
"url": "http://secunia.com/advisories/48947",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48947"
},
{
"name": "FEDORA-2011-5621",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058900.html"
"url": "http://www.debian.org/security/2011/dsa-2274",
"refsource": "MISC",
"name": "http://www.debian.org/security/2011/dsa-2274"
},
{
"name": "FEDORA-2011-5529",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html"
"url": "https://access.redhat.com/errata/RHSA-2012:0509",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:0509"
},
{
"name": "48947",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48947"
"url": "http://anonsvn.wireshark.org/viewvc?revision=36608&view=revision",
"refsource": "MISC",
"name": "http://anonsvn.wireshark.org/viewvc?revision=36608&view=revision"
},
{
"name": "[oss-security] 20110418 Re: Wireshark 1.2.16 / 1.4.5",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/04/18/8"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058900.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058900.html"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2011-05.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2011-05.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058983.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058983.html"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5754",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5754"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html"
},
{
"name": "oval:org.mitre.oval:def:15050",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15050"
"url": "http://openwall.com/lists/oss-security/2011/04/18/2",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2011/04/18/2"
},
{
"name": "SUSE-SU-2011:0611",
"refsource": "SUSE",
"url": "https://hermes.opensuse.org/messages/8701428"
"url": "http://openwall.com/lists/oss-security/2011/04/18/8",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2011/04/18/8"
},
{
"name": "FEDORA-2011-5569",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058983.html"
"url": "http://secunia.com/advisories/44172",
"refsource": "MISC",
"name": "http://secunia.com/advisories/44172"
},
{
"name": "DSA-2274",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2274"
"url": "http://secunia.com/advisories/44374",
"refsource": "MISC",
"name": "http://secunia.com/advisories/44374"
},
{
"name": "44374",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44374"
"url": "http://secunia.com/advisories/44822",
"refsource": "MISC",
"name": "http://secunia.com/advisories/44822"
},
{
"name": "71846",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/71846"
"url": "http://securitytracker.com/id?1025388",
"refsource": "MISC",
"name": "http://securitytracker.com/id?1025388"
},
{
"name": "http://anonsvn.wireshark.org/viewvc?revision=36608&view=revision",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc?revision=36608&view=revision"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:083",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:083"
},
{
"name": "44822",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44822"
"url": "http://www.osvdb.org/71846",
"refsource": "MISC",
"name": "http://www.osvdb.org/71846"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2011-06.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2011-06.html"
"url": "http://www.vupen.com/english/advisories/2011/1022",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/1022"
},
{
"name": "44172",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44172"
"url": "http://www.vupen.com/english/advisories/2011/1106",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/1106"
},
{
"name": "ADV-2011-1022",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/1022"
"url": "http://www.wireshark.org/security/wnpa-sec-2011-05.html",
"refsource": "MISC",
"name": "http://www.wireshark.org/security/wnpa-sec-2011-05.html"
},
{
"name": "1025388",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025388"
"url": "http://www.wireshark.org/security/wnpa-sec-2011-06.html",
"refsource": "MISC",
"name": "http://www.wireshark.org/security/wnpa-sec-2011-06.html"
},
{
"name": "[oss-security] 20110418 Wireshark 1.2.16 / 1.4.5",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/04/18/2"
"url": "https://access.redhat.com/security/cve/CVE-2011-1590",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-1590"
},
{
"name": "ADV-2011-1106",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/1106"
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5754",
"refsource": "MISC",
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5754"
},
{
"name": "45149",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45149"
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5793",
"refsource": "MISC",
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5793"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=697741",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=697741"
},
{
"url": "https://hermes.opensuse.org/messages/8701428",
"refsource": "MISC",
"name": "https://hermes.opensuse.org/messages/8701428"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15050",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15050"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
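Review bot: The short `description_data` value for CVE-2011-1590 (`CVE-2011-1590 Wireshark: Use-after-free causes heap-based buffer overflow in X.509if dissector`) reads like a bug-tracker title and, unlike the full sentence printed beside it, does not state the affected upstream releases (1.2.x before 1.2.16, 1.4.x before 1.4.5) or the crafted .pcap vector. Assuming the short string is the new side (the +/- markers are lost on this page), the `affects` block does not make up for it: it lists only a Red Hat Enterprise Linux 6 package with `"version_affected": "!"`, so a scanner matching upstream Wireshark versions has nothing left to key on. I would keep the full sentence as the `value` and carry the title separately if it is needed. The same applies to the CVE-2011-1751 and CVE-2011-1770 records further down.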


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1751",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The pciej_write function in hw/acpi_piix4.c in the PIIX4 Power Management emulation in qemu-kvm does not check if a device is hotpluggable before unplugging the PCI-ISA bridge, which allows privileged guest users to cause a denial of service (guest crash) and possibly execute arbitrary code by sending a crafted value to the 0xae08 (PCI_EJ_BASE) I/O port, which leads to a use-after-free related to \"active qemu timers.\""
"value": "CVE-2011-1751 qemu: acpi_piix4: missing hotplug check during device removal"
}
]
},
@ -44,103 +21,163 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.160.el6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20110519 CVE-2011-1751 qemu: acpi_piix4: missing hotplug check during device removal",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/05/19/2"
},
{
"name": "RHSA-2011:0534",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2011-0534.html"
},
{
"name": "http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commit;h=505597e4476a6bc219d0ec1362b760d71cb4fdca",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commit;h=505597e4476a6bc219d0ec1362b760d71cb4fdca"
},
{
"name": "44648",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44648"
},
{
"name": "73395",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/73395"
},
{
"name": "44393",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44393"
},
{
"name": "44658",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44658"
},
{
"name": "SUSE-SU-2011:0533",
"refsource": "SUSE",
"url": "https://hermes.opensuse.org/messages/8572547"
},
{
"name": "[Qemu-devel] 20110519 [PATCH] Ignore pci unplug requests for unpluggable devices",
"refsource": "MLIST",
"url": "http://lists.nongnu.org/archive/html/qemu-devel/2011-05/msg01810.html"
},
{
"name": "47927",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47927"
},
{
"name": "https://github.com/nelhage/virtunoid",
"url": "http://lists.opensuse.org/opensuse-updates/2011-05/msg00043.html",
"refsource": "MISC",
"url": "https://github.com/nelhage/virtunoid"
"name": "http://lists.opensuse.org/opensuse-updates/2011-05/msg00043.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=699773",
"url": "http://rhn.redhat.com/errata/RHSA-2011-0534.html",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=699773"
"name": "http://rhn.redhat.com/errata/RHSA-2011-0534.html"
},
{
"name": "44458",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44458"
},
{
"name": "44660",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44660"
},
{
"name": "http://blog.nelhage.com/2011/08/breaking-out-of-kvm/",
"url": "http://secunia.com/advisories/44393",
"refsource": "MISC",
"url": "http://blog.nelhage.com/2011/08/breaking-out-of-kvm/"
"name": "http://secunia.com/advisories/44393"
},
{
"name": "USN-1145-1",
"refsource": "UBUNTU",
"url": "https://www.ubuntu.com/usn/USN-1145-1/"
"url": "http://secunia.com/advisories/44658",
"refsource": "MISC",
"name": "http://secunia.com/advisories/44658"
},
{
"name": "44900",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44900"
"url": "http://secunia.com/advisories/44660",
"refsource": "MISC",
"name": "http://secunia.com/advisories/44660"
},
{
"name": "openSUSE-SU-2011:0510",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2011-05/msg00043.html"
"url": "http://secunia.com/advisories/44900",
"refsource": "MISC",
"name": "http://secunia.com/advisories/44900"
},
{
"url": "https://access.redhat.com/errata/RHSA-2011:0534",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0534"
},
{
"url": "https://hermes.opensuse.org/messages/8572547",
"refsource": "MISC",
"name": "https://hermes.opensuse.org/messages/8572547"
},
{
"url": "https://www.ubuntu.com/usn/USN-1145-1/",
"refsource": "MISC",
"name": "https://www.ubuntu.com/usn/USN-1145-1/"
},
{
"url": "http://blog.nelhage.com/2011/08/breaking-out-of-kvm/",
"refsource": "MISC",
"name": "http://blog.nelhage.com/2011/08/breaking-out-of-kvm/"
},
{
"url": "http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commit%3Bh=505597e4476a6bc219d0ec1362b760d71cb4fdca",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commit%3Bh=505597e4476a6bc219d0ec1362b760d71cb4fdca"
},
{
"url": "http://lists.nongnu.org/archive/html/qemu-devel/2011-05/msg01810.html",
"refsource": "MISC",
"name": "http://lists.nongnu.org/archive/html/qemu-devel/2011-05/msg01810.html"
},
{
"url": "http://secunia.com/advisories/44458",
"refsource": "MISC",
"name": "http://secunia.com/advisories/44458"
},
{
"url": "http://secunia.com/advisories/44648",
"refsource": "MISC",
"name": "http://secunia.com/advisories/44648"
},
{
"url": "http://www.openwall.com/lists/oss-security/2011/05/19/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2011/05/19/2"
},
{
"url": "http://www.osvdb.org/73395",
"refsource": "MISC",
"name": "http://www.osvdb.org/73395"
},
{
"url": "http://www.securityfocus.com/bid/47927",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/47927"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2011-1751",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-1751"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=699773",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=699773"
},
{
"url": "https://github.com/nelhage/virtunoid",
"refsource": "MISC",
"name": "https://github.com/nelhage/virtunoid"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
]
}
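Review bot: The fix-commit reference for CVE-2011-1751 has its `;` separators percent-encoded in the reordered entry, `http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commit%3Bh=505597e4476a6bc219d0ec1362b760d71cb4fdca`, where the other copy of the entry uses literal `;` between `p=`, `a=` and `h=`. With `%3B` the whole tail is likely to be read as part of the `p` value, so the link probably no longer resolves to the patch; I would keep the unencoded form in both `url` and `name`. This is also the only `CONFIRM` reference visible in this section, and the reordered entry tags it `MISC`, so consumers can no longer pick out the vendor-confirmed fix by `refsource`.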


@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1770",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer underflow in the dccp_parse_options function (net/dccp/options.c) in the Linux kernel before 2.6.33.14 allows remote attackers to cause a denial of service via a Datagram Congestion Control Protocol (DCCP) packet with an invalid feature options length, which triggers a buffer over-read."
"value": "CVE-2011-1770 kernel: dccp: handle invalid feature options length"
}
]
},
@ -44,63 +21,139 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-131.2.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "0:2.6.33.9-rt31.75.el6rt",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "1025592",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025592"
"url": "https://access.redhat.com/errata/RHSA-2011:1253",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:1253"
},
{
"name": "[linux-kernel] 20110506 [PATCH] dccp: handle invalid feature options length",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel&m=130468845209036&w=2"
"url": "https://access.redhat.com/errata/RHSA-2011:0836",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0836"
},
{
"name": "47769",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47769"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.html"
},
{
"name": "[linux-kernel] 20110506 Re: [PATCH] dccp: handle invalid feature options length",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel&m=130469305815140&w=2"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061366.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061366.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=703011",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=703011"
"url": "http://marc.info/?l=linux-kernel&m=130468845209036&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=linux-kernel&m=130468845209036&w=2"
},
{
"name": "44932",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44932"
"url": "http://marc.info/?l=linux-kernel&m=130469305815140&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=linux-kernel&m=130469305815140&w=2"
},
{
"name": "8286",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8286"
"url": "http://secunia.com/advisories/44932",
"refsource": "MISC",
"name": "http://secunia.com/advisories/44932"
},
{
"name": "FEDORA-2011-7823",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.html"
"url": "http://securityreason.com/securityalert/8286",
"refsource": "MISC",
"name": "http://securityreason.com/securityalert/8286"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.33/ChangeLog-2.6.33.14",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.33/ChangeLog-2.6.33.14"
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.33/ChangeLog-2.6.33.14",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.33/ChangeLog-2.6.33.14"
},
{
"name": "FEDORA-2011-7551",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061366.html"
"url": "http://www.securityfocus.com/bid/47769",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/47769"
},
{
"url": "http://www.securitytracker.com/id?1025592",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1025592"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2011-1770",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-1770"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=703011",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=703011"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}