admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 06:02:32 +00:00
parent aed0a0b3f0
commit cc24100290
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
54 changed files with 3846 additions and 3846 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
2006/0xxx/CVE-2006-0385.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0385", "ID": "CVE-2006-0385",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

170
2006/0xxx/CVE-2006-0449.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0449", "ID": "CVE-2006-0449",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Early termination vulnerability in the IMAP service in E-Post Mail 4.05 and SPA-PRO Mail 4.05 allows remote attackers to cause a denial of service (infinite loop) by sending an APPEND command and disconnecting before the expected amount of data is sent."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://secunia.com/secunia_research/2006-1/advisory/", "description_data": [
"refsource" : "MISC", {
"url" : "http://secunia.com/secunia_research/2006-1/advisory/" "lang": "eng",
}, "value": "Early termination vulnerability in the IMAP service in E-Post Mail 4.05 and SPA-PRO Mail 4.05 allows remote attackers to cause a denial of service (infinite loop) by sending an APPEND command and disconnecting before the expected amount of data is sent."
{ }
"name" : "16379", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/16379" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-0318", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/0318" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "22766", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/22766" ]
}, },
{ "references": {
"name" : "18480", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18480" "name": "ADV-2006-0318",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/0318"
"name" : "epost-imap-append-dos(24341)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24341" "name": "http://secunia.com/secunia_research/2006-1/advisory/",
} "refsource": "MISC",
] "url": "http://secunia.com/secunia_research/2006-1/advisory/"
} },
} {
"name": "22766",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22766"
},
{
"name": "epost-imap-append-dos(24341)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24341"
},
{
"name": "18480",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18480"
},
{
"name": "16379",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16379"
}
]
}
}

170
2006/0xxx/CVE-2006-0548.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0548", "ID": "CVE-2006-0548",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the Oracle Text component of Oracle Database 10g, and possibly earlier versions, might allow remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: due to the lack of relevant details from the Oracle advisory, a separate CVE is being created since it cannot be conclusively proven that this issue has been addressed by Oracle. It is possible that this is the same issue as Oracle Vuln# DB15 from the January 2006 CPU, in which case this would be subsumed by CVE-2006-0260."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.integrigy.com/info/IntegrigySecurityAnalysis-CPU0106.pdf", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.integrigy.com/info/IntegrigySecurityAnalysis-CPU0106.pdf" "lang": "eng",
}, "value": "SQL injection vulnerability in the Oracle Text component of Oracle Database 10g, and possibly earlier versions, might allow remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: due to the lack of relevant details from the Oracle advisory, a separate CVE is being created since it cannot be conclusively proven that this issue has been addressed by Oracle. It is possible that this is the same issue as Oracle Vuln# DB15 from the January 2006 CPU, in which case this would be subsumed by CVE-2006-0260."
{ }
"name" : "http://www.oracle.com/technology/deploy/security/pdf/cpujan2006.html", ]
"refsource" : "MISC", },
"url" : "http://www.oracle.com/technology/deploy/security/pdf/cpujan2006.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html", "description": [
"refsource" : "MISC", {
"url" : "http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "TA06-018A", ]
"refsource" : "CERT", }
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-018A.html" ]
}, },
{ "references": {
"name" : "VU#150332", "reference_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/150332" "name": "http://www.integrigy.com/info/IntegrigySecurityAnalysis-CPU0106.pdf",
}, "refsource": "MISC",
{ "url": "http://www.integrigy.com/info/IntegrigySecurityAnalysis-CPU0106.pdf"
"name" : "oracle-january2006-update(24321)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321" "name": "oracle-january2006-update(24321)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
} },
} {
"name": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html",
"refsource": "MISC",
"url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html"
},
{
"name": "VU#150332",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/150332"
},
{
"name": "TA06-018A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-018A.html"
},
{
"name": "http://www.oracle.com/technology/deploy/security/pdf/cpujan2006.html",
"refsource": "MISC",
"url": "http://www.oracle.com/technology/deploy/security/pdf/cpujan2006.html"
}
]
}
}

160
2006/1xxx/CVE-2006-1295.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1295", "ID": "CVE-2006-1295",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in recherche.php3 in SPIP 1.8.2-g allows remote attackers to inject arbitrary web script or HTML via the recherche parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.silitix.com/spip-xss.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.silitix.com/spip-xss.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in recherche.php3 in SPIP 1.8.2-g allows remote attackers to inject arbitrary web script or HTML via the recherche parameter."
{ }
"name" : "http://www.zone-h.fr/advisories/read/id=1105", ]
"refsource" : "MISC", },
"url" : "http://www.zone-h.fr/advisories/read/id=1105" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://zone.spip.org/trac/spip-zone/changeset/1672", "description": [
"refsource" : "CONFIRM", {
"url" : "http://zone.spip.org/trac/spip-zone/changeset/1672" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "17130", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/17130" ]
}, },
{ "references": {
"name" : "spip-research-xss(25389)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25389" "name": "http://www.zone-h.fr/advisories/read/id=1105",
} "refsource": "MISC",
] "url": "http://www.zone-h.fr/advisories/read/id=1105"
} },
} {
"name": "17130",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17130"
},
{
"name": "http://www.silitix.com/spip-xss.html",
"refsource": "MISC",
"url": "http://www.silitix.com/spip-xss.html"
},
{
"name": "spip-research-xss(25389)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25389"
},
{
"name": "http://zone.spip.org/trac/spip-zone/changeset/1672",
"refsource": "CONFIRM",
"url": "http://zone.spip.org/trac/spip-zone/changeset/1672"
}
]
}
}

190
2006/1xxx/CVE-2006-1444.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1444", "ID": "CVE-2006-1444",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CoreGraphics in Apple Mac OS X 10.4.6, when \"Enable access for assistive devices\" is on, allows an application to bypass restrictions for secure event input and read certain events from other applications in the same window session by using Quartz Event Services."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "APPLE-SA-2006-05-11", "description_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html" "lang": "eng",
}, "value": "CoreGraphics in Apple Mac OS X 10.4.6, when \"Enable access for assistive devices\" is on, allows an application to bypass restrictions for secure event input and read certain events from other applications in the same window session by using Quartz Event Services."
{ }
"name" : "TA06-132A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-132A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "17951", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17951" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-1779", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/1779" ]
}, },
{ "references": {
"name" : "25588", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/25588" "name": "17951",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/17951"
"name" : "1016079", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016079" "name": "ADV-2006-1779",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/1779"
"name" : "20077", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20077" "name": "TA06-132A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA06-132A.html"
"name" : "macos-coregraphics-quartz-security-bypass(26409)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26409" "name": "1016079",
} "refsource": "SECTRACK",
] "url": "http://securitytracker.com/id?1016079"
} },
} {
"name": "25588",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25588"
},
{
"name": "macos-coregraphics-quartz-security-bypass(26409)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26409"
},
{
"name": "APPLE-SA-2006-05-11",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"
},
{
"name": "20077",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20077"
}
]
}
}

180
2006/1xxx/CVE-2006-1572.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1572", "ID": "CVE-2006-1572",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in post.php in Oxygen 1.1.3 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a newthread action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060330 Oxygen<=1.x.x SQL injection", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/429474/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in post.php in Oxygen 1.1.3 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a newthread action."
{ }
"name" : "17324", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/17324" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-1181", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1181" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "24287", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/24287" ]
}, },
{ "references": {
"name" : "19481", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19481" "name": "20060330 Oxygen<=1.x.x SQL injection",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/429474/100/0/threaded"
"name" : "658", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/658" "name": "658",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/658"
"name" : "oxygen-post-sql-injection(25570)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25570" "name": "19481",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/19481"
} },
} {
"name": "24287",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24287"
},
{
"name": "oxygen-post-sql-injection(25570)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25570"
},
{
"name": "ADV-2006-1181",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1181"
},
{
"name": "17324",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17324"
}
]
}
}

150
2006/1xxx/CVE-2006-1812.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1812", "ID": "CVE-2006-1812",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "phpWebFTP 3.2 and earlier stores script.js under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060417 PhpWebFTP 3.2 Login Script", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/431115/100/0/threaded" "lang": "eng",
}, "value": "phpWebFTP 3.2 and earlier stores script.js under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information."
{ }
"name" : "17557", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/17557" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "19706", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19706" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "phpwebftp-scriptjs-obtain-information(25921)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25921" ]
} },
] "references": {
} "reference_data": [
} {
"name": "17557",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17557"
},
{
"name": "phpwebftp-scriptjs-obtain-information(25921)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25921"
},
{
"name": "19706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19706"
},
{
"name": "20060417 PhpWebFTP 3.2 Login Script",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/431115/100/0/threaded"
}
]
}
}

370
2006/1xxx/CVE-2006-1934.json
View File

@ -1,187 +1,187 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2006-1934", "ID": "CVE-2006-1934",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the (1) ALCAP dissector, (2) Network Instruments file code, or (3) NetXray/Windows Sniffer file code."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ethereal.com/appnotes/enpa-sa-00023.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ethereal.com/appnotes/enpa-sa-00023.html" "lang": "eng",
}, "value": "Multiple buffer overflows in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the (1) ALCAP dissector, (2) Network Instruments file code, or (3) NetXray/Windows Sniffer file code."
{ }
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-128.htm", ]
"refsource" : "CONFIRM", },
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-128.htm" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-1049", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2006/dsa-1049" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2006-456", ]
"refsource" : "FEDORA", }
"url" : "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00194.html" ]
}, },
{ "references": {
"name" : "FEDORA-2006-461", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00195.html" "name": "ethereal-net-instr-bo(26026)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26026"
"name" : "GLSA-200604-17", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200604-17.xml" "name": "19828",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19828"
"name" : "MDKSA-2006:077", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:077" "name": "19839",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19839"
"name" : "RHSA-2006:0420", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0420.html" "name": "20210",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/20210"
"name" : "20060501-01-U", },
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc" "name": "ethereal-alcap-dissector-bo(26014)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26014"
"name" : "SUSE-SR:2006:010", },
"refsource" : "SUSE", {
"url" : "http://lists.suse.com/archive/suse-security-announce/2006-May/0004.html" "name": "FEDORA-2006-456",
}, "refsource": "FEDORA",
{ "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00194.html"
"name" : "17682", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17682" "name": "MDKSA-2006:077",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:077"
"name" : "oval:org.mitre.oval:def:10445", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10445" "name": "http://www.ethereal.com/appnotes/enpa-sa-00023.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.ethereal.com/appnotes/enpa-sa-00023.html"
"name" : "ADV-2006-1501", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1501" "name": "19769",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19769"
"name" : "1015985", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015985" "name": "19962",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19962"
"name" : "19769", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19769" "name": "FEDORA-2006-461",
}, "refsource": "FEDORA",
{ "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00195.html"
"name" : "19805", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19805" "name": "1015985",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1015985"
"name" : "19828", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19828" "name": "GLSA-200604-17",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-17.xml"
"name" : "19839", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19839" "name": "ADV-2006-1501",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/1501"
"name" : "19958", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19958" "name": "DSA-1049",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2006/dsa-1049"
"name" : "19962", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19962" "name": "19805",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19805"
"name" : "20117", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20117" "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-128.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-128.htm"
"name" : "20944", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20944" "name": "20060501-01-U",
}, "refsource": "SGI",
{ "url": "ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc"
"name" : "20210", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20210" "name": "SUSE-SR:2006:010",
}, "refsource": "SUSE",
{ "url": "http://lists.suse.com/archive/suse-security-announce/2006-May/0004.html"
"name" : "ethereal-alcap-dissector-bo(26014)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26014" "name": "oval:org.mitre.oval:def:10445",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10445"
"name" : "ethereal-net-instr-bo(26026)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26026" "name": "20117",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/20117"
"name" : "ethereal-netxwin-sniffer-bo(26027)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26027" "name": "17682",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/17682"
} },
} {
"name": "20944",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20944"
},
{
"name": "ethereal-netxwin-sniffer-bo(26027)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26027"
},
{
"name": "RHSA-2006:0420",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0420.html"
},
{
"name": "19958",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19958"
}
]
}
}

160
2006/4xxx/CVE-2006-4203.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4203", "ID": "CVE-2006-4203",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in help.mmp.php in the MMP Component (com_mmp) 1.2 and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "2182", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2182" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in help.mmp.php in the MMP Component (com_mmp) 1.2 and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
{ }
"name" : "19502", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/19502" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-3278", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3278" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "21479", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/21479" ]
}, },
{ "references": {
"name" : "commmp-help-file-include(28361)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28361" "name": "ADV-2006-3278",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2006/3278"
} },
} {
"name": "19502",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19502"
},
{
"name": "21479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21479"
},
{
"name": "2182",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2182"
},
{
"name": "commmp-help-file-include(28361)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28361"
}
]
}
}

180
2006/4xxx/CVE-2006-4657.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4657", "ID": "CVE-2006-4657",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying (1) WebProxy.exe or (2) PAVSRV51.EXE."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060907 SECURITY.NNOV: Panda Platinum Internet Security privilege escalation / bayesian filter control security vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/445479/100/0/threaded" "lang": "eng",
}, "value": "Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying (1) WebProxy.exe or (2) PAVSRV51.EXE."
{ }
"name" : "20060913 Re: SECURITY.NNOV: Panda Platinum Internet Security privilege escalation / bayesian filter control security vulnerabilities", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/445889/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.security.nnov.ru/advisories/pandais.asp", "description": [
"refsource" : "MISC", {
"url" : "http://www.security.nnov.ru/advisories/pandais.asp" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "19891", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/19891" ]
}, },
{ "references": {
"name" : "ADV-2006-3514", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3514" "name": "1524",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/1524"
"name" : "21769", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21769" "name": "20060907 SECURITY.NNOV: Panda Platinum Internet Security privilege escalation / bayesian filter control security vulnerabilities",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/445479/100/0/threaded"
"name" : "1524", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1524" "name": "19891",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/19891"
} },
} {
"name": "http://www.security.nnov.ru/advisories/pandais.asp",
"refsource": "MISC",
"url": "http://www.security.nnov.ru/advisories/pandais.asp"
},
{
"name": "20060913 Re: SECURITY.NNOV: Panda Platinum Internet Security privilege escalation / bayesian filter control security vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/445889/100/0/threaded"
},
{
"name": "ADV-2006-3514",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3514"
},
{
"name": "21769",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21769"
}
]
}
}

34
2006/4xxx/CVE-2006-4699.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2006-4699", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2006-4699",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none."
} }
] ]
} }
} }

170
2006/4xxx/CVE-2006-4802.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4802", "ID": "CVE-2006-4802",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a \"second format string vulnerability\" as found by the vendor."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060918 Symantec Security Advisory: Symantec AntiVirus Corporate Edition", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/446293/100/0/threaded" "lang": "eng",
}, "value": "Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a \"second format string vulnerability\" as found by the vendor."
{ }
"name" : "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html", ]
"refsource" : "CONFIRM", },
"url" : "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "19986", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/19986" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1016842", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1016842" ]
}, },
{ "references": {
"name" : "21884", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21884" "name": "1016842",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1016842"
"name" : "symantecantivirus-alert-dos(28937)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28937" "name": "symantecantivirus-alert-dos(28937)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28937"
} },
} {
"name": "19986",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19986"
},
{
"name": "21884",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21884"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html"
},
{
"name": "20060918 Symantec Security Advisory: Symantec AntiVirus Corporate Edition",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/446293/100/0/threaded"
}
]
}
}

160
2006/5xxx/CVE-2006-5939.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5939", "ID": "CVE-2006-5939",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Grisoft AVG Anti-Virus before 7.1.407 allows remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers a divide-by-zero error. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061113 AVG Anti-Virus - Arbitrary Code Execution (remote)", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://marc.info/?l=full-disclosure&m=116343152030074&w=2" "lang": "eng",
}, "value": "Grisoft AVG Anti-Virus before 7.1.407 allows remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers a divide-by-zero error. NOTE: some of these details are obtained from third party information."
{ }
"name" : "http://www.grisoft.com/doc/36365/lng/us/tpl/tpl01", ]
"refsource" : "CONFIRM", },
"url" : "http://www.grisoft.com/doc/36365/lng/us/tpl/tpl01" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-4498", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4498" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "22811", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/22811" ]
}, },
{ "references": {
"name" : "avg-doc-dos(30247)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30247" "name": "avg-doc-dos(30247)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30247"
} },
} {
"name": "http://www.grisoft.com/doc/36365/lng/us/tpl/tpl01",
"refsource": "CONFIRM",
"url": "http://www.grisoft.com/doc/36365/lng/us/tpl/tpl01"
},
{
"name": "20061113 AVG Anti-Virus - Arbitrary Code Execution (remote)",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure&m=116343152030074&w=2"
},
{
"name": "ADV-2006-4498",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4498"
},
{
"name": "22811",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22811"
}
]
}
}

140
2010/0xxx/CVE-2010-0231.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2010-0231", "ID": "CVE-2010-0231",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The SMB implementation in the Server service in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not use a sufficient source of entropy, which allows remote attackers to obtain access to files and other SMB resources via a large number of authentication requests, related to server-generated challenges, certain \"duplicate values,\" and spoofing of an authentication token, aka \"SMB NTLM Authentication Lack of Entropy Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS10-012", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-012" "lang": "eng",
}, "value": "The SMB implementation in the Server service in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not use a sufficient source of entropy, which allows remote attackers to obtain access to files and other SMB resources via a large number of authentication requests, related to server-generated challenges, certain \"duplicate values,\" and spoofing of an authentication token, aka \"SMB NTLM Authentication Lack of Entropy Vulnerability.\""
{ }
"name" : "TA10-040A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-040A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:7751", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7751" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:7751",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7751"
},
{
"name": "TA10-040A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-040A.html"
},
{
"name": "MS10-012",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-012"
}
]
}
}

180
2010/0xxx/CVE-2010-0894.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2010-0894", "ID": "CVE-2010-0894",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Sun Java System Access Manager component in Oracle Sun Product Suite 7.1, 7 2005Q4, and OpenSSO Enterprise 8.0 allows remote attackers to affect confidentiality and integrity via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Sun Java System Access Manager component in Oracle Sun Product Suite 7.1, 7 2005Q4, and OpenSSO Enterprise 8.0 allows remote attackers to affect confidentiality and integrity via unknown vectors."
{ }
"name" : "267568", ]
"refsource" : "SUNALERT", },
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-267568-1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1020934", "description": [
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020934.1-1" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "TA10-103B", ]
"refsource" : "CERT", }
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-103B.html" ]
}, },
{ "references": {
"name" : "39457", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/39457" "name": "TA10-103B",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"
"name" : "39431", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/39431" "name": "39431",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/39431"
"name" : "osps-sjsa-unspecified(57750)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/57750" "name": "267568",
} "refsource": "SUNALERT",
] "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-267568-1"
} },
} {
"name": "39457",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39457"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html"
},
{
"name": "1020934",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020934.1-1"
},
{
"name": "osps-sjsa-unspecified(57750)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57750"
}
]
}
}

150
2010/2xxx/CVE-2010-2031.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2031", "ID": "CVE-2010-2031",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3.5.1.2 and earlier, allows local users to overwrite arbitrary kernel memory via a crafted request to IOCTL 0x830020d4 on the KAVSafe device."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "12710", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/12710" "lang": "eng",
}, "value": "KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3.5.1.2 and earlier, allows local users to overwrite arbitrary kernel memory via a crafted request to IOCTL 0x830020d4 on the KAVSafe device."
{ }
"name" : "40342", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/40342" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "39916", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/39916" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "webshield-kavsafe-privilege-escalation(58780)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58780" ]
} },
] "references": {
} "reference_data": [
} {
"name": "40342",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40342"
},
{
"name": "webshield-kavsafe-privilege-escalation(58780)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58780"
},
{
"name": "39916",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39916"
},
{
"name": "12710",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/12710"
}
]
}
}

140
2010/2xxx/CVE-2010-2232.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@apache.org", "ASSIGNER": "security@apache.org",
"ID" : "CVE-2010-2232", "ID": "CVE-2010-2232",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Apache Derby", "product_name": "Apache Derby",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "10.1.2.1, 10.2.2.0, 10.3.1.4, 10.4.1.3" "version_value": "10.1.2.1, 10.2.2.0, 10.3.1.4, 10.4.1.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Apache Software Foundation" "vendor_name": "Apache Software Foundation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Apache Derby 10.1.2.1, 10.2.2.0, 10.3.1.4, and 10.4.1.3, Export processing may allow an attacker to overwrite an existing file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://db.apache.org/derby/releases/release-10.6.2.1.html#Note+for+DERBY-2925", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://db.apache.org/derby/releases/release-10.6.2.1.html#Note+for+DERBY-2925" "lang": "eng",
}, "value": "In Apache Derby 10.1.2.1, 10.2.2.0, 10.3.1.4, and 10.4.1.3, Export processing may allow an attacker to overwrite an existing file."
{ }
"name" : "https://issues.apache.org/jira/browse/DERBY-2925", ]
"refsource" : "CONFIRM", },
"url" : "https://issues.apache.org/jira/browse/DERBY-2925" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "101562", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/101562" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://issues.apache.org/jira/browse/DERBY-2925",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/DERBY-2925"
},
{
"name": "101562",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101562"
},
{
"name": "http://db.apache.org/derby/releases/release-10.6.2.1.html#Note+for+DERBY-2925",
"refsource": "CONFIRM",
"url": "http://db.apache.org/derby/releases/release-10.6.2.1.html#Note+for+DERBY-2925"
}
]
}
}

34
2010/2xxx/CVE-2010-2606.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2606", "ID": "CVE-2010-2606",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2010/3xxx/CVE-2010-3018.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2010-3018", "ID": "CVE-2010-3018",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "RSA Access Manager Server 5.5.3 before 5.5.3.172, 6.0.4 before 6.0.4.53, and 6.1 before 6.1.2.01 does not properly perform cache updates, which allows remote attackers to obtain sensitive information via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20100908 ESA-2010-014: RSA, The Security Division of EMC, releases security hot fixes for potential vulnerability in RSA&reg; Access Manager Server under certain conditions.", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2010-09/0056.html" "lang": "eng",
} "value": "RSA Access Manager Server 5.5.3 before 5.5.3.172, 6.0.4 before 6.0.4.53, and 6.1 before 6.1.2.01 does not properly perform cache updates, which allows remote attackers to obtain sensitive information via unspecified vectors."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20100908 ESA-2010-014: RSA, The Security Division of EMC, releases security hot fixes for potential vulnerability in RSA&reg; Access Manager Server under certain conditions.",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-09/0056.html"
}
]
}
}

140
2010/3xxx/CVE-2010-3162.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2010-3162", "ID": "CVE-2010-3162",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in Apsaly before 3.74 allows local users to gain privileges via a Trojan horse executable file in the current working directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.venus.dti.ne.jp/mw31/apsaly/Vulnerability.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.venus.dti.ne.jp/mw31/apsaly/Vulnerability.html" "lang": "eng",
}, "value": "Untrusted search path vulnerability in Apsaly before 3.74 allows local users to gain privileges via a Trojan horse executable file in the current working directory."
{ }
"name" : "JVN#71138390", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN71138390/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVNDB-2010-000046", "description": [
"refsource" : "JVNDB", {
"url" : "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000046.html" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "JVN#71138390",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN71138390/index.html"
},
{
"name": "JVNDB-2010-000046",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000046.html"
},
{
"name": "http://www.venus.dti.ne.jp/mw31/apsaly/Vulnerability.html",
"refsource": "CONFIRM",
"url": "http://www.venus.dti.ne.jp/mw31/apsaly/Vulnerability.html"
}
]
}
}

140
2010/3xxx/CVE-2010-3740.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-3740", "ID": "CVE-2010-3740",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Net Search Extender (NSE) implementation in the Text Search component in IBM DB2 UDB 9.5 before FP6a does not properly handle an alphanumeric Fuzzy search, which allows remote authenticated users to cause a denial of service (memory consumption and system hang) via the db2ext.textSearch function."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT", "description_data": [
"refsource" : "CONFIRM", {
"url" : "ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT" "lang": "eng",
}, "value": "The Net Search Extender (NSE) implementation in the Text Search component in IBM DB2 UDB 9.5 before FP6a does not properly handle an alphanumeric Fuzzy search, which allows remote authenticated users to cause a denial of service (memory consumption and system hang) via the db2ext.textSearch function."
{ }
"name" : "IC66613", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IC66613" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:13811", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13811" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT",
"refsource": "CONFIRM",
"url": "ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
},
{
"name": "IC66613",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC66613"
},
{
"name": "oval:org.mitre.oval:def:13811",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13811"
}
]
}
}

250
2010/3xxx/CVE-2010-3839.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-3839", "ID": "CVE-2010-3839",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedure that creates a query with nested JOIN statements."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://bugs.mysql.com/bug.php?id=53544", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://bugs.mysql.com/bug.php?id=53544" "lang": "eng",
}, "value": "MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedure that creates a query with nested JOIN statements."
{ }
"name" : "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html", ]
"refsource" : "CONFIRM", },
"url" : "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=640861", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=640861" ]
}, },
{ "references": {
"name" : "MDVSA-2010:222", "reference_data": [
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222" "name": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html",
}, "refsource": "CONFIRM",
{ "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html"
"name" : "MDVSA-2010:223", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223" "name": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html",
}, "refsource": "CONFIRM",
{ "url": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html"
"name" : "RHSA-2010:0825", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0825.html" "name": "USN-1397-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1397-1"
"name" : "RHSA-2011:0164", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0164.html" "name": "USN-1017-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1017-1"
"name" : "USN-1017-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1017-1" "name": "MDVSA-2010:222",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
"name" : "USN-1397-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1397-1" "name": "RHSA-2011:0164",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2011-0164.html"
"name" : "43676", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/43676" "name": "ADV-2011-0170",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0170"
"name" : "42936", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42936" "name": "43676",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/43676"
"name" : "ADV-2011-0170", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0170" "name": "http://bugs.mysql.com/bug.php?id=53544",
}, "refsource": "CONFIRM",
{ "url": "http://bugs.mysql.com/bug.php?id=53544"
"name" : "mysql-invocations-dos(64839)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64839" "name": "42936",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/42936"
} },
} {
"name": "RHSA-2010:0825",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0825.html"
},
{
"name": "mysql-invocations-dos(64839)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64839"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=640861",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=640861"
},
{
"name": "MDVSA-2010:223",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223"
}
]
}
}

34
2010/4xxx/CVE-2010-4064.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4064", "ID": "CVE-2010-4064",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

310
2010/4xxx/CVE-2010-4409.json
View File

@ -1,157 +1,157 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4409", "ID": "CVE-2010-4409",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_symbol) function in PHP 5.3.3 and earlier allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20101210 PHP 5.3.3 NumberFormatter::getSymbol Integer Overflow", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/515142/100/0/threaded" "lang": "eng",
}, "value": "Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_symbol) function in PHP 5.3.3 and earlier allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument."
{ }
"name" : "15722", ]
"refsource" : "EXPLOIT-DB", },
"url" : "http://www.exploit-db.com/exploits/15722" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://svn.php.net/viewvc/php/php-src/trunk/ext/intl/formatter/formatter_attr.c?r1=305571&r2=305570&pathrev=305571", "description": [
"refsource" : "CONFIRM", {
"url" : "http://svn.php.net/viewvc/php/php-src/trunk/ext/intl/formatter/formatter_attr.c?r1=305571&r2=305570&pathrev=305571" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://svn.php.net/viewvc?view=revision&revision=305571", ]
"refsource" : "CONFIRM", }
"url" : "http://svn.php.net/viewvc?view=revision&revision=305571" ]
}, },
{ "references": {
"name" : "http://www.php.net/ChangeLog-5.php", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.php.net/ChangeLog-5.php" "name": "http://svn.php.net/viewvc?view=revision&revision=305571",
}, "refsource": "CONFIRM",
{ "url": "http://svn.php.net/viewvc?view=revision&revision=305571"
"name" : "http://support.apple.com/kb/HT4581", },
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT4581" "name": "ADV-2011-0077",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0077"
"name" : "APPLE-SA-2011-03-21-1", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" "name": "47674",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/47674"
"name" : "FEDORA-2010-18976", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html" "name": "FEDORA-2010-19011",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html"
"name" : "FEDORA-2010-19011", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html" "name": "42812",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42812"
"name" : "MDVSA-2010:255", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:255" "name": "MDVSA-2010:255",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:255"
"name" : "MDVSA-2010:254", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:254" "name": "APPLE-SA-2011-03-21-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
"name" : "openSUSE-SU-2012:0100", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2012-01/msg00035.html" "name": "USN-1042-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1042-1"
"name" : "USN-1042-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1042-1" "name": "ADV-2011-0021",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0021"
"name" : "VU#479900", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/479900" "name": "http://www.php.net/ChangeLog-5.php",
}, "refsource": "CONFIRM",
{ "url": "http://www.php.net/ChangeLog-5.php"
"name" : "45119", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/45119" "name": "openSUSE-SU-2012:0100",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2012-01/msg00035.html"
"name" : "42812", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42812" "name": "20101210 PHP 5.3.3 NumberFormatter::getSymbol Integer Overflow",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/515142/100/0/threaded"
"name" : "47674", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/47674" "name": "MDVSA-2010:254",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:254"
"name" : "ADV-2011-0020", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0020" "name": "15722",
}, "refsource": "EXPLOIT-DB",
{ "url": "http://www.exploit-db.com/exploits/15722"
"name" : "ADV-2011-0021", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0021" "name": "FEDORA-2010-18976",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html"
"name" : "ADV-2011-0077", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0077" "name": "ADV-2011-0020",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2011/0020"
} },
} {
"name": "http://svn.php.net/viewvc/php/php-src/trunk/ext/intl/formatter/formatter_attr.c?r1=305571&r2=305570&pathrev=305571",
"refsource": "CONFIRM",
"url": "http://svn.php.net/viewvc/php/php-src/trunk/ext/intl/formatter/formatter_attr.c?r1=305571&r2=305570&pathrev=305571"
},
{
"name": "45119",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45119"
},
{
"name": "http://support.apple.com/kb/HT4581",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4581"
},
{
"name": "VU#479900",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/479900"
}
]
}
}

170
2010/4xxx/CVE-2010-4579.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4579", "ID": "CVE-2010-4579",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Opera before 11.00 does not properly constrain dialogs to appear on top of rendered documents, which makes it easier for remote attackers to trick users into interacting with a crafted web site that spoofs the (1) security information dialog or (2) download dialog."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.opera.com/docs/changelogs/mac/1100/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.opera.com/docs/changelogs/mac/1100/" "lang": "eng",
}, "value": "Opera before 11.00 does not properly constrain dialogs to appear on top of rendered documents, which makes it easier for remote attackers to trick users into interacting with a crafted web site that spoofs the (1) security information dialog or (2) download dialog."
{ }
"name" : "http://www.opera.com/docs/changelogs/unix/1100/", ]
"refsource" : "CONFIRM", },
"url" : "http://www.opera.com/docs/changelogs/unix/1100/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.opera.com/docs/changelogs/windows/1100/", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.opera.com/docs/changelogs/windows/1100/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.opera.com/support/kb/view/977/", ]
"refsource" : "CONFIRM", }
"url" : "http://www.opera.com/support/kb/view/977/" ]
}, },
{ "references": {
"name" : "SUSE-SR:2010:024", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" "name": "http://www.opera.com/support/kb/view/977/",
}, "refsource": "CONFIRM",
{ "url": "http://www.opera.com/support/kb/view/977/"
"name" : "42653", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42653" "name": "42653",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/42653"
} },
} {
"name": "http://www.opera.com/docs/changelogs/unix/1100/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/unix/1100/"
},
{
"name": "http://www.opera.com/docs/changelogs/windows/1100/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/windows/1100/"
},
{
"name": "http://www.opera.com/docs/changelogs/mac/1100/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/mac/1100/"
},
{
"name": "SUSE-SR:2010:024",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
}
]
}
}

300
2010/4xxx/CVE-2010-4694.json
View File

@ -1,152 +1,152 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4694", "ID": "CVE-2010-4694",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to cause a denial of service (application crash) or have unspecified other impact via a GIF file that contains many images, leading to long extensions such as .p100 for PNG output files, as demonstrated by a CGI program that launches gif2png, a different vulnerability than CVE-2009-5018."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20101121 CVE Request: gif2png: command-line buffer overflow problem", "description_data": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2010/11/21/1" "lang": "eng",
}, "value": "Buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to cause a denial of service (application crash) or have unspecified other impact via a GIF file that contains many images, leading to long extensions such as .p100 for PNG output files, as demonstrated by a CGI program that launches gif2png, a different vulnerability than CVE-2009-5018."
{ }
"name" : "[oss-security] 20101121 Re: CVE Request: gif2png: command-line buffer overflow problem", ]
"refsource" : "MLIST", },
"url" : "http://openwall.com/lists/oss-security/2010/11/22/1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20101121 Re: CVE Request: gif2png: command-line buffer overflow problem", "description": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2010/11/22/3" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "[oss-security] 20101122 Re: CVE Request: gif2png: command-line buffer overflow problem", ]
"refsource" : "MLIST", }
"url" : "http://openwall.com/lists/oss-security/2010/11/22/12" ]
}, },
{ "references": {
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550978", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550978" "name": "GLSA-201203-15",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201203-15.xml"
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=346501", },
"refsource" : "CONFIRM", {
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=346501" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=547515",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=547515"
"name" : "http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?revision=HEAD&root=extras&view=markup", },
"refsource" : "CONFIRM", {
"url" : "http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?revision=HEAD&root=extras&view=markup" "name": "[oss-security] 20101122 Re: CVE Request: gif2png: command-line buffer overflow problem",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2010/11/22/12"
"name" : "http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?root=extras&view=log", },
"refsource" : "CONFIRM", {
"url" : "http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?root=extras&view=log" "name": "ADV-2011-0023",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0023"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=547515", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=547515" "name": "MDVSA-2011:009",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:009"
"name" : "FEDORA-2010-0358", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051229.html" "name": "[oss-security] 20101121 Re: CVE Request: gif2png: command-line buffer overflow problem",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2010/11/22/3"
"name" : "GLSA-201101-01", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201101-01.xml" "name": "42796",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42796"
"name" : "GLSA-201203-15", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201203-15.xml" "name": "http://bugs.gentoo.org/show_bug.cgi?id=346501",
}, "refsource": "CONFIRM",
{ "url": "http://bugs.gentoo.org/show_bug.cgi?id=346501"
"name" : "MDVSA-2011:009", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:009" "name": "http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?root=extras&view=log",
}, "refsource": "CONFIRM",
{ "url": "http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?root=extras&view=log"
"name" : "45815", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/45815" "name": "gif2png-gif-bo(64754)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64754"
"name" : "42796", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42796" "name": "ADV-2010-3036",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/3036"
"name" : "ADV-2010-3036", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/3036" "name": "http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?revision=HEAD&root=extras&view=markup",
}, "refsource": "CONFIRM",
{ "url": "http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?revision=HEAD&root=extras&view=markup"
"name" : "ADV-2011-0023", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0023" "name": "[oss-security] 20101121 CVE Request: gif2png: command-line buffer overflow problem",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2010/11/21/1"
"name" : "ADV-2011-0107", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0107" "name": "ADV-2011-0107",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0107"
"name" : "gif2png-gif-bo(64754)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64754" "name": "GLSA-201101-01",
} "refsource": "GENTOO",
] "url": "http://security.gentoo.org/glsa/glsa-201101-01.xml"
} },
} {
"name": "45815",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45815"
},
{
"name": "[oss-security] 20101121 Re: CVE Request: gif2png: command-line buffer overflow problem",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2010/11/22/1"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550978",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550978"
},
{
"name": "FEDORA-2010-0358",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051229.html"
}
]
}
}

34
2011/5xxx/CVE-2011-5232.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2011-5232", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2011-5232",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-0025. Reason: This candidate is a duplicate of CVE-2012-0025. Notes: All CVE users should reference CVE-2012-0025 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-0025. Reason: This candidate is a duplicate of CVE-2012-0025. Notes: All CVE users should reference CVE-2012-0025 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

230
2014/3xxx/CVE-2014-3186.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2014-3186", "ID": "CVE-2014-3186",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the picolcd_raw_event function in devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in the Linux kernel through 3.16.3, as used in Android on Nexus 7 devices, allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that sends a large report."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20140911 Re: Multiple Linux USB driver CVE assignment", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2014/09/11/22" "lang": "eng",
}, "value": "Buffer overflow in the picolcd_raw_event function in devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in the Linux kernel through 3.16.3, as used in Android on Nexus 7 devices, allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that sends a large report."
{ }
"name" : "https://code.google.com/p/google-security-research/issues/detail?id=101", ]
"refsource" : "MISC", },
"url" : "https://code.google.com/p/google-security-research/issues/detail?id=101" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=844817e47eef14141cf59b8d5ac08dd11c0a9189", "description": [
"refsource" : "CONFIRM", {
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=844817e47eef14141cf59b8d5ac08dd11c0a9189" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1141407", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1141407" ]
}, },
{ "references": {
"name" : "https://github.com/torvalds/linux/commit/844817e47eef14141cf59b8d5ac08dd11c0a9189", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/torvalds/linux/commit/844817e47eef14141cf59b8d5ac08dd11c0a9189" "name": "[oss-security] 20140911 Re: Multiple Linux USB driver CVE assignment",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2014/09/11/22"
"name" : "SUSE-SU-2015:0481", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html" "name": "https://github.com/torvalds/linux/commit/844817e47eef14141cf59b8d5ac08dd11c0a9189",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/torvalds/linux/commit/844817e47eef14141cf59b8d5ac08dd11c0a9189"
"name" : "openSUSE-SU-2015:0566", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html" "name": "USN-2377-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2377-1"
"name" : "USN-2376-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2376-1" "name": "SUSE-SU-2015:0481",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
"name" : "USN-2377-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2377-1" "name": "USN-2378-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2378-1"
"name" : "USN-2378-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2378-1" "name": "openSUSE-SU-2015:0566",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
"name" : "USN-2379-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2379-1" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1141407",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141407"
"name" : "69763", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/69763" "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=844817e47eef14141cf59b8d5ac08dd11c0a9189",
} "refsource": "CONFIRM",
] "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=844817e47eef14141cf59b8d5ac08dd11c0a9189"
} },
} {
"name": "69763",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69763"
},
{
"name": "https://code.google.com/p/google-security-research/issues/detail?id=101",
"refsource": "MISC",
"url": "https://code.google.com/p/google-security-research/issues/detail?id=101"
},
{
"name": "USN-2379-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2379-1"
},
{
"name": "USN-2376-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2376-1"
}
]
}
}

150
2014/3xxx/CVE-2014-3292.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2014-3292", "ID": "CVE-2014-3292",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Real Time Monitoring Tool (RTMT) implementation in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to (1) read or (2) delete arbitrary files via a crafted URL, aka Bug IDs CSCuo17302 and CSCuo17199."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=34574", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=34574" "lang": "eng",
}, "value": "The Real Time Monitoring Tool (RTMT) implementation in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to (1) read or (2) delete arbitrary files via a crafted URL, aka Bug IDs CSCuo17302 and CSCuo17199."
{ }
"name" : "20140609 Multiple Vulnerabilities in Real-Time Monitoring Tool of Cisco Unified Communications Manager", ]
"refsource" : "CISCO", },
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3292" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1030408", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1030408" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "58315", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/58315" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=34574",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=34574"
},
{
"name": "1030408",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030408"
},
{
"name": "58315",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58315"
},
{
"name": "20140609 Multiple Vulnerabilities in Real-Time Monitoring Tool of Cisco Unified Communications Manager",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3292"
}
]
}
}

150
2014/3xxx/CVE-2014-3563.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-3563", "ID": "CVE-2014-3563",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local users to have an unspecified impact via vectors related to temporary file creation in (1) seed.py, (2) salt-ssh, or (3) salt-cloud."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20140821 Revised: Salt 2014.1.10 released", "description_data": [
"refsource" : "MLIST", {
"url" : "http://seclists.org/oss-sec/2014/q3/428" "lang": "eng",
}, "value": "Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local users to have an unspecified impact via vectors related to temporary file creation in (1) seed.py, (2) salt-ssh, or (3) salt-cloud."
{ }
"name" : "http://docs.saltstack.com/en/latest/topics/releases/2014.1.10.html", ]
"refsource" : "CONFIRM", },
"url" : "http://docs.saltstack.com/en/latest/topics/releases/2014.1.10.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "69319", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/69319" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "salt-cve20143563-symlink(95392)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95392" ]
} },
] "references": {
} "reference_data": [
} {
"name": "salt-cve20143563-symlink(95392)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95392"
},
{
"name": "[oss-security] 20140821 Revised: Salt 2014.1.10 released",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q3/428"
},
{
"name": "69319",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69319"
},
{
"name": "http://docs.saltstack.com/en/latest/topics/releases/2014.1.10.html",
"refsource": "CONFIRM",
"url": "http://docs.saltstack.com/en/latest/topics/releases/2014.1.10.html"
}
]
}
}

130
2014/3xxx/CVE-2014-3662.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-3662", "ID": "CVE-2014-3662",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to enumerate user names via vectors related to login attempts."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01" "lang": "eng",
}, "value": "Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to enumerate user names via vectors related to login attempts."
{ }
"name" : "RHSA-2016:0070", ]
"refsource" : "REDHAT", },
"url" : "https://access.redhat.com/errata/RHSA-2016:0070" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2016:0070",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:0070"
},
{
"name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01",
"refsource": "CONFIRM",
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01"
}
]
}
}

34
2014/4xxx/CVE-2014-4791.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4791", "ID": "CVE-2014-4791",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2014/8xxx/CVE-2014-8197.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2014-8197", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2014-8197",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
} }
] ]
} }
} }

34
2014/8xxx/CVE-2014-8468.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8468", "ID": "CVE-2014-8468",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2014/8xxx/CVE-2014-8885.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8885", "ID": "CVE-2014-8885",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2014/9xxx/CVE-2014-9057.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9057", "ID": "CVE-2014-9057",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the XML-RPC interface in Movable Type before 5.18, 5.2.x before 5.2.11, and 6.x before 6.0.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://movabletype.org/documentation/appendices/release-notes/6.0.6.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://movabletype.org/documentation/appendices/release-notes/6.0.6.html" "lang": "eng",
}, "value": "SQL injection vulnerability in the XML-RPC interface in Movable Type before 5.18, 5.2.x before 5.2.11, and 6.x before 6.0.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
{ }
"name" : "https://movabletype.org/news/2014/12/6.0.6.html", ]
"refsource" : "CONFIRM", },
"url" : "https://movabletype.org/news/2014/12/6.0.6.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3183", "description": [
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2015/dsa-3183" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "61227", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/61227" ]
} },
] "references": {
} "reference_data": [
} {
"name": "61227",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61227"
},
{
"name": "DSA-3183",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2015/dsa-3183"
},
{
"name": "https://movabletype.org/news/2014/12/6.0.6.html",
"refsource": "CONFIRM",
"url": "https://movabletype.org/news/2014/12/6.0.6.html"
},
{
"name": "https://movabletype.org/documentation/appendices/release-notes/6.0.6.html",
"refsource": "CONFIRM",
"url": "https://movabletype.org/documentation/appendices/release-notes/6.0.6.html"
}
]
}
}

140
2014/9xxx/CVE-2014-9633.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9633", "ID": "CVE-2014-9633",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The bdisk.sys driver in COMODO Backup before 4.4.1.23 allows remote attackers to gain privileges via a crafted device handle, which triggers a NULL pointer dereference."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "35905", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/35905" "lang": "eng",
}, "value": "The bdisk.sys driver in COMODO Backup before 4.4.1.23 allows remote attackers to gain privileges via a crafted device handle, which triggers a NULL pointer dereference."
{ }
"name" : "http://packetstormsecurity.com/files/130094/Comodo-Backup-4.4.0.0-NULL-Pointer-Dereference.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/130094/Comodo-Backup-4.4.0.0-NULL-Pointer-Dereference.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://forums.comodo.com/news-announcements-feedback-cb/comodo-backup-44123-released-t107293.0.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://forums.comodo.com/news-announcements-feedback-cb/comodo-backup-44123-released-t107293.0.html" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "35905",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/35905"
},
{
"name": "http://packetstormsecurity.com/files/130094/Comodo-Backup-4.4.0.0-NULL-Pointer-Dereference.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130094/Comodo-Backup-4.4.0.0-NULL-Pointer-Dereference.html"
},
{
"name": "http://forums.comodo.com/news-announcements-feedback-cb/comodo-backup-44123-released-t107293.0.html",
"refsource": "CONFIRM",
"url": "http://forums.comodo.com/news-announcements-feedback-cb/comodo-backup-44123-released-t107293.0.html"
}
]
}
}

140
2014/9xxx/CVE-2014-9805.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9805", "ID": "CVE-2014-9805",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20141224 Imagemagick fuzzing bug", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2014/12/24/1" "lang": "eng",
}, "value": "ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file."
{ }
"name" : "[oss-security] 20160602 Re: ImageMagick CVEs", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/06/02/13" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1343460", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1343460" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343460",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343460"
},
{
"name": "[oss-security] 20160602 Re: ImageMagick CVEs",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
},
{
"name": "[oss-security] 20141224 Imagemagick fuzzing bug",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
}
]
}
}

34
2014/9xxx/CVE-2014-9861.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9861", "ID": "CVE-2014-9861",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

380
2016/2xxx/CVE-2016-2184.json
View File

@ -1,192 +1,192 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-2184", "ID": "CVE-2016-2184",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160310 oss-2016-16: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (snd-usb-audio driver)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://seclists.org/bugtraq/2016/Mar/88" "lang": "eng",
}, "value": "The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor."
{ }
"name" : "20160310 oss-2016-17: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver)", ]
"refsource" : "BUGTRAQ", },
"url" : "http://seclists.org/bugtraq/2016/Mar/89" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20160314 Re: oss-2016-17: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver)", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://seclists.org/bugtraq/2016/Mar/102" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "39555", ]
"refsource" : "EXPLOIT-DB", }
"url" : "https://www.exploit-db.com/exploits/39555/" ]
}, },
{ "references": {
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f886ca12765d20124bd06291c82951fd49a33be", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f886ca12765d20124bd06291c82951fd49a33be" "name": "USN-2971-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2971-2"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1317012", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1317012" "name": "SUSE-SU-2016:1690",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
"name" : "https://github.com/torvalds/linux/commit/0f886ca12765d20124bd06291c82951fd49a33be", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/torvalds/linux/commit/0f886ca12765d20124bd06291c82951fd49a33be" "name": "20160310 oss-2016-17: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver)",
}, "refsource": "BUGTRAQ",
{ "url": "http://seclists.org/bugtraq/2016/Mar/89"
"name" : "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1", },
"refsource" : "CONFIRM", {
"url" : "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1" "name": "84340",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/84340"
"name" : "https://source.android.com/security/bulletin/2016-11-01.html", },
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2016-11-01.html" "name": "USN-2970-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2970-1"
"name" : "DSA-3607", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3607" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1317012",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1317012"
"name" : "SUSE-SU-2016:1672", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html" "name": "USN-2969-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2969-1"
"name" : "SUSE-SU-2016:1690", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html" "name": "USN-2968-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2968-1"
"name" : "SUSE-SU-2016:1707", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html" "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f886ca12765d20124bd06291c82951fd49a33be",
}, "refsource": "CONFIRM",
{ "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f886ca12765d20124bd06291c82951fd49a33be"
"name" : "SUSE-SU-2016:1764", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html" "name": "USN-2971-3",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2971-3"
"name" : "SUSE-SU-2016:2074", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html" "name": "USN-2997-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2997-1"
"name" : "openSUSE-SU-2016:1008", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html" "name": "SUSE-SU-2016:1764",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
"name" : "SUSE-SU-2016:1019", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html" "name": "DSA-3607",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3607"
"name" : "USN-2996-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2996-1" "name": "USN-2971-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2971-1"
"name" : "USN-2997-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2997-1" "name": "SUSE-SU-2016:1707",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
"name" : "USN-2968-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2968-1" "name": "USN-2996-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2996-1"
"name" : "USN-2968-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2968-2" "name": "SUSE-SU-2016:1672",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
"name" : "USN-2969-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2969-1" "name": "SUSE-SU-2016:1019",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
"name" : "USN-2970-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2970-1" "name": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1",
}, "refsource": "CONFIRM",
{ "url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1"
"name" : "USN-2971-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2971-1" "name": "USN-2968-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2968-2"
"name" : "USN-2971-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2971-2" "name": "https://github.com/torvalds/linux/commit/0f886ca12765d20124bd06291c82951fd49a33be",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/torvalds/linux/commit/0f886ca12765d20124bd06291c82951fd49a33be"
"name" : "USN-2971-3", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2971-3" "name": "https://source.android.com/security/bulletin/2016-11-01.html",
}, "refsource": "CONFIRM",
{ "url": "https://source.android.com/security/bulletin/2016-11-01.html"
"name" : "84340", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/84340" "name": "SUSE-SU-2016:2074",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
} },
} {
"name": "20160310 oss-2016-16: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (snd-usb-audio driver)",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2016/Mar/88"
},
{
"name": "20160314 Re: oss-2016-17: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver)",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2016/Mar/102"
},
{
"name": "openSUSE-SU-2016:1008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
},
{
"name": "39555",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39555/"
}
]
}
}

34
2016/2xxx/CVE-2016-2321.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-2321", "ID": "CVE-2016-2321",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2016/2xxx/CVE-2016-2406.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-2406", "ID": "CVE-2016-2406",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The permission control module in Huawei Document Security Management (aka DSM) before V100R002C05SPC670 allows remote authenticated users to obtain sensitive information from encrypted documents by leveraging incorrect control of permissions on the PrintScreen button."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160218-01-dsm-en", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160218-01-dsm-en" "lang": "eng",
} "value": "The permission control module in Huawei Document Security Management (aka DSM) before V100R002C05SPC670 allows remote authenticated users to obtain sensitive information from encrypted documents by leveraging incorrect control of permissions on the PrintScreen button."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160218-01-dsm-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160218-01-dsm-en"
}
]
}
}

34
2016/2xxx/CVE-2016-2552.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-2552", "ID": "CVE-2016-2552",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2016/2xxx/CVE-2016-2654.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-2654", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-2654",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

160
2016/3xxx/CVE-2016-3132.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-3132", "ID": "CVE-2016-3132",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute arbitrary code via a crafted index."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://github.com/php/php-src/commit/28a6ed9f9a36b9c517e4a8a429baf4dd382fc5d5?w=1", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://github.com/php/php-src/commit/28a6ed9f9a36b9c517e4a8a429baf4dd382fc5d5?w=1" "lang": "eng",
}, "value": "Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute arbitrary code via a crafted index."
{ }
"name" : "https://bugs.php.net/bug.php?id=71735", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.php.net/bug.php?id=71735" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://php.net/ChangeLog-7.php", "description": [
"refsource" : "CONFIRM", {
"url" : "https://php.net/ChangeLog-7.php" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://security-tracker.debian.org/tracker/CVE-2016-3132", ]
"refsource" : "CONFIRM", }
"url" : "https://security-tracker.debian.org/tracker/CVE-2016-3132" ]
}, },
{ "references": {
"name" : "92356", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92356" "name": "https://security-tracker.debian.org/tracker/CVE-2016-3132",
} "refsource": "CONFIRM",
] "url": "https://security-tracker.debian.org/tracker/CVE-2016-3132"
} },
} {
"name": "https://bugs.php.net/bug.php?id=71735",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=71735"
},
{
"name": "92356",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92356"
},
{
"name": "http://github.com/php/php-src/commit/28a6ed9f9a36b9c517e4a8a429baf4dd382fc5d5?w=1",
"refsource": "CONFIRM",
"url": "http://github.com/php/php-src/commit/28a6ed9f9a36b9c517e4a8a429baf4dd382fc5d5?w=1"
},
{
"name": "https://php.net/ChangeLog-7.php",
"refsource": "CONFIRM",
"url": "https://php.net/ChangeLog-7.php"
}
]
}
}

130
2016/6xxx/CVE-2016-6193.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6193", "ID": "CVE-2016-6193",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6192."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160708-01-smartphone-en", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160708-01-smartphone-en" "lang": "eng",
}, "value": "Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6192."
{ }
"name" : "91735", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/91735" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160708-01-smartphone-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160708-01-smartphone-en"
},
{
"name": "91735",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91735"
}
]
}
}

220
2016/6xxx/CVE-2016-6313.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-6313", "ID": "CVE-2016-6313",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[gnupg-announce] 20160817 [Announce] Security fixes for Libgcrypt and GnuPG 1.4 [CVE-2016-6316]", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html" "lang": "eng",
}, "value": "The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits."
{ }
"name" : "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=blob_plain;f=NEWS", ]
"refsource" : "CONFIRM", },
"url" : "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=blob_plain;f=NEWS" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3649", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3649" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3650", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2016/dsa-3650" ]
}, },
{ "references": {
"name" : "GLSA-201610-04", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201610-04" "name": "DSA-3650",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3650"
"name" : "GLSA-201612-01", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201612-01" "name": "GLSA-201612-01",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201612-01"
"name" : "RHSA-2016:2674", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2674.html" "name": "USN-3064-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-3064-1"
"name" : "USN-3064-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3064-1" "name": "DSA-3649",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3649"
"name" : "USN-3065-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3065-1" "name": "GLSA-201610-04",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201610-04"
"name" : "92527", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92527" "name": "1036635",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1036635"
"name" : "1036635", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036635" "name": "[gnupg-announce] 20160817 [Announce] Security fixes for Libgcrypt and GnuPG 1.4 [CVE-2016-6316]",
} "refsource": "MLIST",
] "url": "https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html"
} },
} {
"name": "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=blob_plain;f=NEWS",
"refsource": "CONFIRM",
"url": "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=blob_plain;f=NEWS"
},
{
"name": "RHSA-2016:2674",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2674.html"
},
{
"name": "92527",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92527"
},
{
"name": "USN-3065-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3065-1"
}
]
}
}

170
2016/6xxx/CVE-2016-6506.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6506", "ID": "CVE-2016-6506",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "epan/dissectors/packet-wsp.c in the WSP dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases", "description_data": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2016/07/28/3" "lang": "eng",
}, "value": "epan/dissectors/packet-wsp.c in the WSP dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet."
{ }
"name" : "http://www.wireshark.org/security/wnpa-sec-2016-42.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.wireshark.org/security/wnpa-sec-2016-42.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12594", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12594" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a9d5256890c9189c7461bfce6ed6edce5d861499", ]
"refsource" : "CONFIRM", }
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a9d5256890c9189c7461bfce6ed6edce5d861499" ]
}, },
{ "references": {
"name" : "DSA-3648", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3648" "name": "[oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2016/07/28/3"
"name" : "1036480", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036480" "name": "DSA-3648",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2016/dsa-3648"
} },
} {
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12594",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12594"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2016-42.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2016-42.html"
},
{
"name": "1036480",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036480"
},
{
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a9d5256890c9189c7461bfce6ed6edce5d861499",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a9d5256890c9189c7461bfce6ed6edce5d861499"
}
]
}
}

140
2016/6xxx/CVE-2016-6777.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-6777", "ID": "CVE-2016-6777",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Kernel-3.10" "version_value": "Kernel-3.10"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31910462. References: N-CVE-2016-6777."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of privilege"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2016-12-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2016-12-01.html" "lang": "eng",
}, "value": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31910462. References: N-CVE-2016-6777."
{ }
"name" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", ]
"refsource" : "CONFIRM", },
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "94674", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94674" "lang": "eng",
} "value": "Elevation of privilege"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "94674",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94674"
},
{
"name": "https://source.android.com/security/bulletin/2016-12-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2016-12-01.html"
},
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
}
]
}
}

160
2016/6xxx/CVE-2016-6925.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-6925", "ID": "CVE-2016-6925",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" "lang": "eng",
}, "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932."
{ }
"name" : "GLSA-201610-10", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201610-10" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2016:1865", "description": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1865.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "92927", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/92927" ]
}, },
{ "references": {
"name" : "1036791", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036791" "name": "GLSA-201610-10",
} "refsource": "GENTOO",
] "url": "https://security.gentoo.org/glsa/201610-10"
} },
} {
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html"
},
{
"name": "RHSA-2016:1865",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html"
},
{
"name": "92927",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92927"
},
{
"name": "1036791",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036791"
}
]
}
}

140
2016/6xxx/CVE-2016-6979.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-6979", "ID": "CVE-2016-6979",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6988, and CVE-2016-6993."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html" "lang": "eng",
}, "value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6988, and CVE-2016-6993."
{ }
"name" : "93491", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93491" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1036986", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036986" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
]
}
}

140
2016/7xxx/CVE-2016-7252.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2016-7252", "ID": "CVE-2016-7252",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft SQL Server 2016 mishandles the FILESTREAM path, which allows remote authenticated users to gain privileges via unspecified vectors, aka \"SQL Analysis Services Information Disclosure Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS16-136", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-136" "lang": "eng",
}, "value": "Microsoft SQL Server 2016 mishandles the FILESTREAM path, which allows remote authenticated users to gain privileges via unspecified vectors, aka \"SQL Analysis Services Information Disclosure Vulnerability.\""
{ }
"name" : "94050", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/94050" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037250", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037250" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1037250",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037250"
},
{
"name": "94050",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94050"
},
{
"name": "MS16-136",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-136"
}
]
}
}

170
2016/7xxx/CVE-2016-7660.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-7660", "ID": "CVE-2016-7660",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the \"syslog\" component. It allows local users to gain privileges via unspecified vectors related to Mach port name references."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "40959", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/40959/" "lang": "eng",
}, "value": "An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the \"syslog\" component. It allows local users to gain privileges via unspecified vectors related to Mach port name references."
{ }
"name" : "https://support.apple.com/HT207422", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT207422" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/HT207423", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT207423" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://support.apple.com/HT207487", ]
"refsource" : "CONFIRM", }
"url" : "https://support.apple.com/HT207487" ]
}, },
{ "references": {
"name" : "94905", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94905" "name": "https://support.apple.com/HT207487",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/HT207487"
"name" : "1037469", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037469" "name": "https://support.apple.com/HT207422",
} "refsource": "CONFIRM",
] "url": "https://support.apple.com/HT207422"
} },
} {
"name": "94905",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94905"
},
{
"name": "40959",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40959/"
},
{
"name": "1037469",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037469"
},
{
"name": "https://support.apple.com/HT207423",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207423"
}
]
}
}

130
2016/7xxx/CVE-2016-7968.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-7968", "ID": "CVE-2016-7968",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. HTML Mail contents were not sanitized for JavaScript and included code was executed."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20161004 Re: KMail vulnerabilites: need 3 CVE", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/10/05/1" "lang": "eng",
}, "value": "KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. HTML Mail contents were not sanitized for JavaScript and included code was executed."
{ }
"name" : "93360", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93360" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93360",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93360"
},
{
"name": "[oss-security] 20161004 Re: KMail vulnerabilites: need 3 CVE",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/05/1"
}
]
}
}