diff --git a/1999/0xxx/CVE-1999-0006.json b/1999/0xxx/CVE-1999-0006.json index 99ca6fa5846..103d0039a84 100644 --- a/1999/0xxx/CVE-1999-0006.json +++ b/1999/0xxx/CVE-1999-0006.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0006", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0006", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19980801-01-I", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/19980801-01-I" - }, - { - "name" : "133", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/133" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19980801-01-I", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/19980801-01-I" + }, + { + "name": "133", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/133" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0301.json b/1999/0xxx/CVE-1999-0301.json index 031434f1057..18458662e46 100644 --- a/1999/0xxx/CVE-1999-0301.json +++ b/1999/0xxx/CVE-1999-0301.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0301", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in SunOS/Solaris ps command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0301", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "00149", - "refsource" : "SUN", - "url" : "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/149" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in SunOS/Solaris ps command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "00149", + "refsource": "SUN", + "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/149" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0774.json b/1999/0xxx/CVE-1999-0774.json index 9660bff1417..02db97066df 100644 --- a/1999/0xxx/CVE-1999-0774.json +++ b/1999/0xxx/CVE-1999-0774.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0774", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflows in Mars NetWare Emulation (NWE, mars_nwe) package via long directory names." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0774", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "617", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/617" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflows in Mars NetWare Emulation (NWE, mars_nwe) package via long directory names." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "617", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/617" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1125.json b/1999/1xxx/CVE-1999-1125.json index c1658e244d2..1332bb4925e 100644 --- a/1999/1xxx/CVE-1999-1125.json +++ b/1999/1xxx/CVE-1999-1125.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1125", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Oracle Webserver 2.1 and earlier runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1125", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19970919 Instresting practises of Oracle [Oracle Webserver]", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=87602880019796&w=2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Oracle Webserver 2.1 and earlier runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19970919 Instresting practises of Oracle [Oracle Webserver]", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=87602880019796&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0073.json b/2000/0xxx/CVE-2000-0073.json index 746161ceb82..108ee05e77b 100644 --- a/2000/0xxx/CVE-2000-0073.json +++ b/2000/0xxx/CVE-2000-0073.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0073", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Microsoft Rich Text Format (RTF) reader allows attackers to cause a denial of service via a malformed control word." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0073", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS00-005", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-005" - }, - { - "name" : "Q249973", - "refsource" : "MSKB", - "url" : "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q249973" - }, - { - "name" : "win-malformed-rtf-control-word", - "refsource" : "XF", - "url" : "http://xforce.iss.net/search.php3?type=2&pattern=win-malformed-rtf-control-word" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Microsoft Rich Text Format (RTF) reader allows attackers to cause a denial of service via a malformed control word." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "Q249973", + "refsource": "MSKB", + "url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q249973" + }, + { + "name": "MS00-005", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-005" + }, + { + "name": "win-malformed-rtf-control-word", + "refsource": "XF", + "url": "http://xforce.iss.net/search.php3?type=2&pattern=win-malformed-rtf-control-word" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0302.json b/2000/0xxx/CVE-2000-0302.json index 5ee1d4f01ec..acad6b3a1b1 100644 --- a/2000/0xxx/CVE-2000-0302.json +++ b/2000/0xxx/CVE-2000-0302.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0302", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Index Server allows remote attackers to view the source code of ASP files by appending a %20 to the filename in the CiWebHitsFile argument to the null.htw URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0302", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000331 Alert: MS Index Server (CISADV000330)", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=95453598317340&w=2" - }, - { - "name" : "MS00-006", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-006" - }, - { - "name" : "1084", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1084" - }, - { - "name" : "271", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/271" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Index Server allows remote attackers to view the source code of ASP files by appending a %20 to the filename in the CiWebHitsFile argument to the null.htw URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS00-006", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-006" + }, + { + "name": "1084", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1084" + }, + { + "name": "20000331 Alert: MS Index Server (CISADV000330)", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=95453598317340&w=2" + }, + { + "name": "271", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/271" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0487.json b/2000/0xxx/CVE-2000-0487.json index 8530fd0a25d..9c2e169a42a 100644 --- a/2000/0xxx/CVE-2000-0487.json +++ b/2000/0xxx/CVE-2000-0487.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0487", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Protected Store in Windows 2000 does not properly select the strongest encryption when available, which causes it to use a default of 40-bit encryption instead of 56-bit DES encryption, aka the \"Protected Store Key Length\" vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0487", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS00-032", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-032" - }, - { - "name" : "1295", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1295" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Protected Store in Windows 2000 does not properly select the strongest encryption when available, which causes it to use a default of 40-bit encryption instead of 56-bit DES encryption, aka the \"Protected Store Key Length\" vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS00-032", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-032" + }, + { + "name": "1295", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1295" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0785.json b/2000/0xxx/CVE-2000-0785.json index 0fc46b402ab..64e3e6e5d91 100644 --- a/2000/0xxx/CVE-2000-0785.json +++ b/2000/0xxx/CVE-2000-0785.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0785", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WircSrv IRC Server 5.07s allows IRC operators to read arbitrary files via the importmotd command, which sets the Message of the Day (MOTD) to the specified file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0785", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000713 More wIRCSrv stupidity", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=96353027909756&w=2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WircSrv IRC Server 5.07s allows IRC operators to read arbitrary files via the importmotd command, which sets the Message of the Day (MOTD) to the specified file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000713 More wIRCSrv stupidity", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=96353027909756&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0899.json b/2000/0xxx/CVE-2000-0899.json index 10a4aa118ca..03e4cbd4424 100644 --- a/2000/0xxx/CVE-2000-0899.json +++ b/2000/0xxx/CVE-2000-0899.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0899", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Small HTTP Server 2.01 allows remote attackers to cause a denial of service by connecting to the server and sending out multiple GET, HEAD, or POST requests and closing the connection before the server responds to the requests." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0899", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001114 Vulnerabilites in SmallHTTP Server", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=97421834001092&w=2" - }, - { - "name" : "1942", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1942" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Small HTTP Server 2.01 allows remote attackers to cause a denial of service by connecting to the server and sending out multiple GET, HEAD, or POST requests and closing the connection before the server responds to the requests." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1942", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1942" + }, + { + "name": "20001114 Vulnerabilites in SmallHTTP Server", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=97421834001092&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0015.json b/2007/0xxx/CVE-2007-0015.json index b63be0ca9ac..1b703b6283c 100644 --- a/2007/0xxx/CVE-2007-0015.json +++ b/2007/0xxx/CVE-2007-0015.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0015", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Apple QuickTime 7.1.3 allows remote attackers to execute arbitrary code via a long rtsp:// URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0015", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://projects.info-pull.com/moab/MOAB-01-01-2007.html", - "refsource" : "MISC", - "url" : "http://projects.info-pull.com/moab/MOAB-01-01-2007.html" - }, - { - "name" : "3064", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3064" - }, - { - "name" : "http://landonf.bikemonkey.org/code/macosx/MOAB_Day_1.20070102060815.15950.zadder.local.html", - "refsource" : "MISC", - "url" : "http://landonf.bikemonkey.org/code/macosx/MOAB_Day_1.20070102060815.15950.zadder.local.html" - }, - { - "name" : "http://isc.sans.org/diary.html?storyid=2094", - "refsource" : "MISC", - "url" : "http://isc.sans.org/diary.html?storyid=2094" - }, - { - "name" : "http://secunia.com/blog/7/", - "refsource" : "MISC", - "url" : "http://secunia.com/blog/7/" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=304989", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=304989" - }, - { - "name" : "APPLE-SA-2007-01-23", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/Security-announce/2007/Jan/msg00000.html" - }, - { - "name" : "TA07-005A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-005A.html" - }, - { - "name" : "VU#442497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/442497" - }, - { - "name" : "21829", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21829" - }, - { - "name" : "ADV-2007-0001", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0001" - }, - { - "name" : "31023", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/31023" - }, - { - "name" : "1017461", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017461" - }, - { - "name" : "23540", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23540" - }, - { - "name" : "quicktime-rtsp-url-bo(31203)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31203" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Apple QuickTime 7.1.3 allows remote attackers to execute arbitrary code via a long rtsp:// URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#442497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/442497" + }, + { + "name": "APPLE-SA-2007-01-23", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/Security-announce/2007/Jan/msg00000.html" + }, + { + "name": "http://isc.sans.org/diary.html?storyid=2094", + "refsource": "MISC", + "url": "http://isc.sans.org/diary.html?storyid=2094" + }, + { + "name": "31023", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/31023" + }, + { + "name": "TA07-005A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-005A.html" + }, + { + "name": "http://secunia.com/blog/7/", + "refsource": "MISC", + "url": "http://secunia.com/blog/7/" + }, + { + "name": "quicktime-rtsp-url-bo(31203)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31203" + }, + { + "name": "23540", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23540" + }, + { + "name": "21829", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21829" + }, + { + "name": "3064", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3064" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=304989", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=304989" + }, + { + "name": "http://projects.info-pull.com/moab/MOAB-01-01-2007.html", + "refsource": "MISC", + "url": "http://projects.info-pull.com/moab/MOAB-01-01-2007.html" + }, + { + "name": "ADV-2007-0001", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0001" + }, + { + "name": "http://landonf.bikemonkey.org/code/macosx/MOAB_Day_1.20070102060815.15950.zadder.local.html", + "refsource": "MISC", + "url": "http://landonf.bikemonkey.org/code/macosx/MOAB_Day_1.20070102060815.15950.zadder.local.html" + }, + { + "name": "1017461", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017461" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0312.json b/2007/0xxx/CVE-2007-0312.json index 4b5efc495da..e8ab1072c88 100644 --- a/2007/0xxx/CVE-2007-0312.json +++ b/2007/0xxx/CVE-2007-0312.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0312", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "wcSimple Poll stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password hashes via a direct request for password.txt." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0312", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070114 wcSimple Poll (password.txt) Remote Password Disclosure Vulnerablity", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/456982/100/0/threaded" - }, - { - "name" : "33539", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33539" - }, - { - "name" : "2157", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2157" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "wcSimple Poll stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password hashes via a direct request for password.txt." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070114 wcSimple Poll (password.txt) Remote Password Disclosure Vulnerablity", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/456982/100/0/threaded" + }, + { + "name": "2157", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2157" + }, + { + "name": "33539", + "refsource": "OSVDB", + "url": "http://osvdb.org/33539" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1114.json b/2007/1xxx/CVE-2007-1114.json index 363a90d88ec..cb4ed823cac 100644 --- a/2007/1xxx/CVE-2007-1114.json +++ b/2007/1xxx/CVE-2007-1114.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1114", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The child frames in Microsoft Internet Explorer 7 inherit the default charset from the parent window when a charset is not specified in an HTTP Content-Type header or META tag, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1114", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070223 Advisory 03/2007: Multiple Browsers Cross Domain Charset Inheritance Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461076/100/0/threaded" - }, - { - "name" : "http://www.hardened-php.net/advisory_032007.142.html", - "refsource" : "MISC", - "url" : "http://www.hardened-php.net/advisory_032007.142.html" - }, - { - "name" : "22701", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22701" - }, - { - "name" : "ADV-2007-0744", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0744" - }, - { - "name" : "32119", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/32119" - }, - { - "name" : "24314", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24314" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The child frames in Microsoft Internet Explorer 7 inherit the default charset from the parent window when a charset is not specified in an HTTP Content-Type header or META tag, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22701", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22701" + }, + { + "name": "24314", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24314" + }, + { + "name": "20070223 Advisory 03/2007: Multiple Browsers Cross Domain Charset Inheritance Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461076/100/0/threaded" + }, + { + "name": "http://www.hardened-php.net/advisory_032007.142.html", + "refsource": "MISC", + "url": "http://www.hardened-php.net/advisory_032007.142.html" + }, + { + "name": "ADV-2007-0744", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0744" + }, + { + "name": "32119", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/32119" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1461.json b/2007/1xxx/CVE-2007-1461.json index 59bd3359466..51eb465d45e 100644 --- a/2007/1xxx/CVE-2007-1461.json +++ b/2007/1xxx/CVE-2007-1461.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1461", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The compress.bzip2:// URL wrapper provided by the bz2 extension in PHP before 4.4.7, and 5.x before 5.2.2, does not implement safemode or open_basedir checks, which allows remote attackers to read bzip2 archives located outside of the intended directories." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1461", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.php-security.org/MOPB/MOPB-21-2007.html", - "refsource" : "MISC", - "url" : "http://www.php-security.org/MOPB/MOPB-21-2007.html" - }, - { - "name" : "http://us2.php.net/releases/4_4_7.php", - "refsource" : "CONFIRM", - "url" : "http://us2.php.net/releases/4_4_7.php" - }, - { - "name" : "http://us2.php.net/releases/5_2_2.php", - "refsource" : "CONFIRM", - "url" : "http://us2.php.net/releases/5_2_2.php" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=306172", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=306172" - }, - { - "name" : "APPLE-SA-2007-07-31", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html" - }, - { - "name" : "SUSE-SA:2007:032", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_32_php.html" - }, - { - "name" : "22954", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22954" - }, - { - "name" : "25159", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25159" - }, - { - "name" : "ADV-2007-2732", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2732" - }, - { - "name" : "25056", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25056" - }, - { - "name" : "26235", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26235" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The compress.bzip2:// URL wrapper provided by the bz2 extension in PHP before 4.4.7, and 5.x before 5.2.2, does not implement safemode or open_basedir checks, which allows remote attackers to read bzip2 archives located outside of the intended directories." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-2732", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2732" + }, + { + "name": "25056", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25056" + }, + { + "name": "APPLE-SA-2007-07-31", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html" + }, + { + "name": "http://us2.php.net/releases/4_4_7.php", + "refsource": "CONFIRM", + "url": "http://us2.php.net/releases/4_4_7.php" + }, + { + "name": "http://us2.php.net/releases/5_2_2.php", + "refsource": "CONFIRM", + "url": "http://us2.php.net/releases/5_2_2.php" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=306172", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=306172" + }, + { + "name": "25159", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25159" + }, + { + "name": "SUSE-SA:2007:032", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_32_php.html" + }, + { + "name": "http://www.php-security.org/MOPB/MOPB-21-2007.html", + "refsource": "MISC", + "url": "http://www.php-security.org/MOPB/MOPB-21-2007.html" + }, + { + "name": "26235", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26235" + }, + { + "name": "22954", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22954" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1667.json b/2007/1xxx/CVE-2007-1667.json index 60e2eb4187d..2eaffbccb50 100644 --- a/2007/1xxx/CVE-2007-1667.json +++ b/2007/1xxx/CVE-2007-1667.json @@ -1,327 +1,327 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1667", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-1667", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464686/100/0/threaded" - }, - { - "name" : "20070405 FLEA-2007-0009-1: xorg-x11 freetype", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464816/100/0/threaded" - }, - { - "name" : "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont", - "refsource" : "MLIST", - "url" : "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html" - }, - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414045", - "refsource" : "CONFIRM", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414045" - }, - { - "name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=231684", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=231684" - }, - { - "name" : "http://issues.foresightlinux.org/browse/FL-223", - "refsource" : "CONFIRM", - "url" : "http://issues.foresightlinux.org/browse/FL-223" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1213", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1213" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1211", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1211" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-176.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-176.htm" - }, - { - "name" : "http://support.apple.com/kb/HT3438", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3438" - }, - { - "name" : "APPLE-SA-2009-02-12", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" - }, - { - "name" : "DSA-1294", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1294" - }, - { - "name" : "DSA-1858", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2009/dsa-1858" - }, - { - "name" : "GLSA-200705-06", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200705-06.xml" - }, - { - "name" : "GLSA-200805-07", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml" - }, - { - "name" : "MDKSA-2007:079", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079" - }, - { - "name" : "MDKSA-2007:147", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:147" - }, - { - "name" : "[3.9] 021: SECURITY FIX: April 4, 2007", - "refsource" : "OPENBSD", - "url" : "http://www.openbsd.org/errata39.html#021_xorg" - }, - { - "name" : "[4.0] 011: SECURITY FIX: April 4, 2007", - "refsource" : "OPENBSD", - "url" : "http://www.openbsd.org/errata40.html#011_xorg" - }, - { - "name" : "RHSA-2007:0126", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0126.html" - }, - { - "name" : "RHSA-2007:0125", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2007-0125.html" - }, - { - "name" : "RHSA-2007:0157", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0157.html" - }, - { - "name" : "102888", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102888-1" - }, - { - "name" : "SUSE-SA:2007:027", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_27_x.html" - }, - { - "name" : "SUSE-SR:2007:008", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_8_sr.html" - }, - { - "name" : "USN-453-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-453-1" - }, - { - "name" : "USN-453-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-453-2" - }, - { - "name" : "USN-481-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-481-1" - }, - { - "name" : "23300", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23300" - }, - { - "name" : "oval:org.mitre.oval:def:9776", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9776" - }, - { - "name" : "36260", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36260" - }, - { - "name" : "ADV-2007-1217", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1217" - }, - { - "name" : "ADV-2007-1531", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1531" - }, - { - "name" : "oval:org.mitre.oval:def:1693", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1693" - }, - { - "name" : "1017864", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017864" - }, - { - "name" : "24741", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24741" - }, - { - "name" : "24756", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24756" - }, - { - "name" : "24745", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24745" - }, - { - "name" : "24758", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24758" - }, - { - "name" : "24765", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24765" - }, - { - "name" : "24771", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24771" - }, - { - "name" : "24791", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24791" - }, - { - "name" : "24739", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24739" - }, - { - "name" : "24953", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24953" - }, - { - "name" : "25004", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25004" - }, - { - "name" : "24975", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24975" - }, - { - "name" : "25112", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25112" - }, - { - "name" : "25072", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25072" - }, - { - "name" : "25131", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25131" - }, - { - "name" : "25305", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25305" - }, - { - "name" : "25992", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25992" - }, - { - "name" : "26177", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26177" - }, - { - "name" : "30161", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30161" - }, - { - "name" : "33937", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33937" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "102888", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102888-1" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-176.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-176.htm" + }, + { + "name": "24745", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24745" + }, + { + "name": "33937", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33937" + }, + { + "name": "24771", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24771" + }, + { + "name": "24756", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24756" + }, + { + "name": "RHSA-2007:0126", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html" + }, + { + "name": "23300", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23300" + }, + { + "name": "http://support.apple.com/kb/HT3438", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3438" + }, + { + "name": "24739", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24739" + }, + { + "name": "APPLE-SA-2009-02-12", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" + }, + { + "name": "GLSA-200705-06", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200705-06.xml" + }, + { + "name": "24758", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24758" + }, + { + "name": "USN-453-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-453-1" + }, + { + "name": "USN-481-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-481-1" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1211", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1211" + }, + { + "name": "RHSA-2007:0125", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html" + }, + { + "name": "24741", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24741" + }, + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414045", + "refsource": "CONFIRM", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414045" + }, + { + "name": "25992", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25992" + }, + { + "name": "26177", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26177" + }, + { + "name": "USN-453-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-453-2" + }, + { + "name": "ADV-2007-1531", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1531" + }, + { + "name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont", + "refsource": "MLIST", + "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html" + }, + { + "name": "24791", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24791" + }, + { + "name": "24975", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24975" + }, + { + "name": "SUSE-SA:2007:027", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_27_x.html" + }, + { + "name": "30161", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30161" + }, + { + "name": "GLSA-200805-07", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml" + }, + { + "name": "DSA-1294", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1294" + }, + { + "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=231684", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=231684" + }, + { + "name": "1017864", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017864" + }, + { + "name": "24765", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24765" + }, + { + "name": "SUSE-SR:2007:008", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_8_sr.html" + }, + { + "name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded" + }, + { + "name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded" + }, + { + "name": "25131", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25131" + }, + { + "name": "DSA-1858", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2009/dsa-1858" + }, + { + "name": "oval:org.mitre.oval:def:9776", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9776" + }, + { + "name": "24953", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24953" + }, + { + "name": "ADV-2007-1217", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1217" + }, + { + "name": "[4.0] 011: SECURITY FIX: April 4, 2007", + "refsource": "OPENBSD", + "url": "http://www.openbsd.org/errata40.html#011_xorg" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1213", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1213" + }, + { + "name": "25004", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25004" + }, + { + "name": "MDKSA-2007:147", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:147" + }, + { + "name": "25305", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25305" + }, + { + "name": "oval:org.mitre.oval:def:1693", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1693" + }, + { + "name": "25072", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25072" + }, + { + "name": "[3.9] 021: SECURITY FIX: April 4, 2007", + "refsource": "OPENBSD", + "url": "http://www.openbsd.org/errata39.html#021_xorg" + }, + { + "name": "25112", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25112" + }, + { + "name": "http://issues.foresightlinux.org/browse/FL-223", + "refsource": "CONFIRM", + "url": "http://issues.foresightlinux.org/browse/FL-223" + }, + { + "name": "36260", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36260" + }, + { + "name": "RHSA-2007:0157", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0157.html" + }, + { + "name": "MDKSA-2007:079", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1797.json b/2007/1xxx/CVE-2007-1797.json index fc829d0b30f..044abe1e7c9 100644 --- a/2007/1xxx/CVE-2007-1797.json +++ b/2007/1xxx/CVE-2007-1797.json @@ -1,192 +1,192 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1797", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary code via (1) a crafted DCM image, which results in a heap-based overflow in the ReadDCMImage function, or (2) the (a) colors or (b) comments field in a crafted XWD image, which results in a heap-based overflow in the ReadXWDImage function, different issues than CVE-2007-1667." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1797", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070331 Multiple Vendor ImageMagick DCM and XWD Buffer Overflow Vulnerabilities", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=496" - }, - { - "name" : "http://www.imagemagick.org/script/changelog.php", - "refsource" : "MISC", - "url" : "http://www.imagemagick.org/script/changelog.php" - }, - { - "name" : "https://issues.foresightlinux.org/browse/FL-222", - "refsource" : "CONFIRM", - "url" : "https://issues.foresightlinux.org/browse/FL-222" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1205", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1205" - }, - { - "name" : "DSA-1858", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2009/dsa-1858" - }, - { - "name" : "GLSA-200705-13", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200705-13.xml" - }, - { - "name" : "MDKSA-2007:147", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:147" - }, - { - "name" : "RHSA-2008:0145", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0145.html" - }, - { - "name" : "RHSA-2008:0165", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0165.html" - }, - { - "name" : "SUSE-SR:2007:008", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_8_sr.html" - }, - { - "name" : "USN-481-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-481-1" - }, - { - "name" : "23347", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23347" - }, - { - "name" : "23252", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23252" - }, - { - "name" : "oval:org.mitre.oval:def:9254", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9254" - }, - { - "name" : "36260", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36260" - }, - { - "name" : "ADV-2007-1200", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1200" - }, - { - "name" : "1017839", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017839" - }, - { - "name" : "24721", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24721" - }, - { - "name" : "24739", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24739" - }, - { - "name" : "25072", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25072" - }, - { - "name" : "25206", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25206" - }, - { - "name" : "25992", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25992" - }, - { - "name" : "26177", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26177" - }, - { - "name" : "29786", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29786" - }, - { - "name" : "29857", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29857" - }, - { - "name" : "imagemagick-readdcmimage-bo(33376)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33376" - }, - { - "name" : "imagemagick-readxwdimage-bo(33377)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33377" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary code via (1) a crafted DCM image, which results in a heap-based overflow in the ReadDCMImage function, or (2) the (a) colors or (b) comments field in a crafted XWD image, which results in a heap-based overflow in the ReadXWDImage function, different issues than CVE-2007-1667." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23347", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23347" + }, + { + "name": "29857", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29857" + }, + { + "name": "GLSA-200705-13", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200705-13.xml" + }, + { + "name": "RHSA-2008:0145", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0145.html" + }, + { + "name": "oval:org.mitre.oval:def:9254", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9254" + }, + { + "name": "20070331 Multiple Vendor ImageMagick DCM and XWD Buffer Overflow Vulnerabilities", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=496" + }, + { + "name": "https://issues.foresightlinux.org/browse/FL-222", + "refsource": "CONFIRM", + "url": "https://issues.foresightlinux.org/browse/FL-222" + }, + { + "name": "24739", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24739" + }, + { + "name": "29786", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29786" + }, + { + "name": "1017839", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017839" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1205", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1205" + }, + { + "name": "USN-481-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-481-1" + }, + { + "name": "23252", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23252" + }, + { + "name": "25992", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25992" + }, + { + "name": "26177", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26177" + }, + { + "name": "RHSA-2008:0165", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0165.html" + }, + { + "name": "imagemagick-readxwdimage-bo(33377)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33377" + }, + { + "name": "ADV-2007-1200", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1200" + }, + { + "name": "SUSE-SR:2007:008", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_8_sr.html" + }, + { + "name": "DSA-1858", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2009/dsa-1858" + }, + { + "name": "http://www.imagemagick.org/script/changelog.php", + "refsource": "MISC", + "url": "http://www.imagemagick.org/script/changelog.php" + }, + { + "name": "MDKSA-2007:147", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:147" + }, + { + "name": "imagemagick-readdcmimage-bo(33376)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33376" + }, + { + "name": "24721", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24721" + }, + { + "name": "25072", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25072" + }, + { + "name": "25206", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25206" + }, + { + "name": "36260", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36260" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5041.json b/2007/5xxx/CVE-2007-5041.json index 1c7aa303eb2..a4e6dcea1ca 100644 --- a/2007/5xxx/CVE-2007-5041.json +++ b/2007/5xxx/CVE-2007-5041.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5041", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "G DATA InternetSecurity 2007 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey and (2) NtOpenProcess kernel SSDT hooks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5041", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070918 Plague in (security) software drivers & BSDOhook utility", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/479830/100/0/threaded" - }, - { - "name" : "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php", - "refsource" : "MISC", - "url" : "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php" - }, - { - "name" : "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php", - "refsource" : "MISC", - "url" : "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php" - }, - { - "name" : "45896", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45896" - }, - { - "name" : "3161", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3161" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "G DATA InternetSecurity 2007 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey and (2) NtOpenProcess kernel SSDT hooks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3161", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3161" + }, + { + "name": "45896", + "refsource": "OSVDB", + "url": "http://osvdb.org/45896" + }, + { + "name": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php", + "refsource": "MISC", + "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php" + }, + { + "name": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php", + "refsource": "MISC", + "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php" + }, + { + "name": "20070918 Plague in (security) software drivers & BSDOhook utility", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5164.json b/2007/5xxx/CVE-2007-5164.json index 2a61cbe337d..0a05c63f4c3 100644 --- a/2007/5xxx/CVE-2007-5164.json +++ b/2007/5xxx/CVE-2007-5164.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5164", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** PHP remote file inclusion vulnerability in htmls/forum/includes/topic_review.php in UniversiBO 1.3.4 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: this issue is disputed by CVE because the applicable include is in a function that is not called on a direct request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5164", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://arfis.wordpress.com/2007/09/14/rfi-02-universibo/", - "refsource" : "MISC", - "url" : "http://arfis.wordpress.com/2007/09/14/rfi-02-universibo/" - }, - { - "name" : "39639", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39639" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** PHP remote file inclusion vulnerability in htmls/forum/includes/topic_review.php in UniversiBO 1.3.4 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: this issue is disputed by CVE because the applicable include is in a function that is not called on a direct request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39639", + "refsource": "OSVDB", + "url": "http://osvdb.org/39639" + }, + { + "name": "http://arfis.wordpress.com/2007/09/14/rfi-02-universibo/", + "refsource": "MISC", + "url": "http://arfis.wordpress.com/2007/09/14/rfi-02-universibo/" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5838.json b/2007/5xxx/CVE-2007-5838.json index a664c25ce32..dd431e6e62c 100644 --- a/2007/5xxx/CVE-2007-5838.json +++ b/2007/5xxx/CVE-2007-5838.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5838", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Aclient in Symantec Altiris Deployment Solution 6.x before 6.8.380.0 allows local users to gain local System privileges via the \"Enable key-based authentication to Deployment server\" browser option, a different issue than CVE-2007-4380." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5838", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.irmplc.com/index.php/111-Vendor-Alerts", - "refsource" : "MISC", - "url" : "http://www.irmplc.com/index.php/111-Vendor-Alerts" - }, - { - "name" : "http://www.irmplc.com/index.php/152-Advisory-022", - "refsource" : "MISC", - "url" : "http://www.irmplc.com/index.php/152-Advisory-022" - }, - { - "name" : "http://www.symantec.com/avcenter/security/Content/2007.10.31a.html", - "refsource" : "CONFIRM", - "url" : "http://www.symantec.com/avcenter/security/Content/2007.10.31a.html" - }, - { - "name" : "26265", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26265" - }, - { - "name" : "ADV-2007-3673", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3673" - }, - { - "name" : "1018876", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018876" - }, - { - "name" : "27412", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27412" - }, - { - "name" : "symantec-altiris-browser-priv-escalation(38180)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38180" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Aclient in Symantec Altiris Deployment Solution 6.x before 6.8.380.0 allows local users to gain local System privileges via the \"Enable key-based authentication to Deployment server\" browser option, a different issue than CVE-2007-4380." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1018876", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018876" + }, + { + "name": "http://www.irmplc.com/index.php/111-Vendor-Alerts", + "refsource": "MISC", + "url": "http://www.irmplc.com/index.php/111-Vendor-Alerts" + }, + { + "name": "ADV-2007-3673", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3673" + }, + { + "name": "http://www.irmplc.com/index.php/152-Advisory-022", + "refsource": "MISC", + "url": "http://www.irmplc.com/index.php/152-Advisory-022" + }, + { + "name": "27412", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27412" + }, + { + "name": "http://www.symantec.com/avcenter/security/Content/2007.10.31a.html", + "refsource": "CONFIRM", + "url": "http://www.symantec.com/avcenter/security/Content/2007.10.31a.html" + }, + { + "name": "26265", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26265" + }, + { + "name": "symantec-altiris-browser-priv-escalation(38180)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38180" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3165.json b/2015/3xxx/CVE-2015-3165.json index 6bc1c17f3ca..7d2445de66f 100644 --- a/2015/3xxx/CVE-2015-3165.json +++ b/2015/3xxx/CVE-2015-3165.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3165", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-3165", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.postgresql.org/about/news/1587/", - "refsource" : "CONFIRM", - "url" : "http://www.postgresql.org/about/news/1587/" - }, - { - "name" : "http://www.postgresql.org/docs/9.0/static/release-9-0-20.html", - "refsource" : "CONFIRM", - "url" : "http://www.postgresql.org/docs/9.0/static/release-9-0-20.html" - }, - { - "name" : "http://www.postgresql.org/docs/9.1/static/release-9-1-16.html", - "refsource" : "CONFIRM", - "url" : "http://www.postgresql.org/docs/9.1/static/release-9-1-16.html" - }, - { - "name" : "http://www.postgresql.org/docs/9.2/static/release-9-2-11.html", - "refsource" : "CONFIRM", - "url" : "http://www.postgresql.org/docs/9.2/static/release-9-2-11.html" - }, - { - "name" : "http://www.postgresql.org/docs/9.3/static/release-9-3-7.html", - "refsource" : "CONFIRM", - "url" : "http://www.postgresql.org/docs/9.3/static/release-9-3-7.html" - }, - { - "name" : "http://www.postgresql.org/docs/9.4/static/release-9-4-2.html", - "refsource" : "CONFIRM", - "url" : "http://www.postgresql.org/docs/9.4/static/release-9-4-2.html" - }, - { - "name" : "https://support.apple.com/HT205219", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205219" - }, - { - "name" : "APPLE-SA-2015-09-16-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html" - }, - { - "name" : "DSA-3269", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3269" - }, - { - "name" : "DSA-3270", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3270" - }, - { - "name" : "GLSA-201507-20", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201507-20" - }, - { - "name" : "RHSA-2015:1194", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1194.html" - }, - { - "name" : "RHSA-2015:1195", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1195.html" - }, - { - "name" : "RHSA-2015:1196", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1196.html" - }, - { - "name" : "USN-2621-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2621-1" - }, - { - "name" : "74787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74787" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "74787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74787" + }, + { + "name": "http://www.postgresql.org/about/news/1587/", + "refsource": "CONFIRM", + "url": "http://www.postgresql.org/about/news/1587/" + }, + { + "name": "http://www.postgresql.org/docs/9.0/static/release-9-0-20.html", + "refsource": "CONFIRM", + "url": "http://www.postgresql.org/docs/9.0/static/release-9-0-20.html" + }, + { + "name": "USN-2621-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2621-1" + }, + { + "name": "http://www.postgresql.org/docs/9.4/static/release-9-4-2.html", + "refsource": "CONFIRM", + "url": "http://www.postgresql.org/docs/9.4/static/release-9-4-2.html" + }, + { + "name": "RHSA-2015:1195", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1195.html" + }, + { + "name": "DSA-3269", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3269" + }, + { + "name": "http://www.postgresql.org/docs/9.2/static/release-9-2-11.html", + "refsource": "CONFIRM", + "url": "http://www.postgresql.org/docs/9.2/static/release-9-2-11.html" + }, + { + "name": "GLSA-201507-20", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201507-20" + }, + { + "name": "RHSA-2015:1194", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1194.html" + }, + { + "name": "DSA-3270", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3270" + }, + { + "name": "http://www.postgresql.org/docs/9.1/static/release-9-1-16.html", + "refsource": "CONFIRM", + "url": "http://www.postgresql.org/docs/9.1/static/release-9-1-16.html" + }, + { + "name": "APPLE-SA-2015-09-16-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html" + }, + { + "name": "http://www.postgresql.org/docs/9.3/static/release-9-3-7.html", + "refsource": "CONFIRM", + "url": "http://www.postgresql.org/docs/9.3/static/release-9-3-7.html" + }, + { + "name": "https://support.apple.com/HT205219", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205219" + }, + { + "name": "RHSA-2015:1196", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1196.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3191.json b/2015/3xxx/CVE-2015-3191.json index 2a855e370cf..1aee0e28d98 100644 --- a/2015/3xxx/CVE-2015-3191.json +++ b/2015/3xxx/CVE-2015-3191.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security_alert@emc.com", - "ID" : "CVE-2015-3191", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cloud Foundry", - "version" : { - "version_data" : [ - { - "version_value" : "Runtime cf-release versions v209 or earlier" - }, - { - "version_value" : "UAA Standalone versions 2.2.6 or earlier" - }, - { - "version_value" : "Runtime 1.4.5 or earlier" - } - ] - } - } - ] - }, - "vendor_name" : "Pivotal" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier the change_email form in UAA is vulnerable to a CSRF attack. This allows an attacker to trigger an e-mail change for a user logged into a cloud foundry instance via a malicious link on a attacker controlled site. This vulnerability is applicable only when using the UAA internal user store for authentication. Deployments enabled for integration via SAML or LDAP are not affected." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CSRF" - } + "CVE_data_meta": { + "ASSIGNER": "security_alert@emc.com", + "ID": "CVE-2015-3191", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cloud Foundry", + "version": { + "version_data": [ + { + "version_value": "Runtime cf-release versions v209 or earlier" + }, + { + "version_value": "UAA Standalone versions 2.2.6 or earlier" + }, + { + "version_value": "Runtime 1.4.5 or earlier" + } + ] + } + } + ] + }, + "vendor_name": "Pivotal" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://pivotal.io/security/cve-2015-3191", - "refsource" : "CONFIRM", - "url" : "https://pivotal.io/security/cve-2015-3191" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier the change_email form in UAA is vulnerable to a CSRF attack. This allows an attacker to trigger an e-mail change for a user logged into a cloud foundry instance via a malicious link on a attacker controlled site. This vulnerability is applicable only when using the UAA internal user store for authentication. Deployments enabled for integration via SAML or LDAP are not affected." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CSRF" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://pivotal.io/security/cve-2015-3191", + "refsource": "CONFIRM", + "url": "https://pivotal.io/security/cve-2015-3191" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3957.json b/2015/3xxx/CVE-2015-3957.json index 74f296b2316..a66b512dc80 100644 --- a/2015/3xxx/CVE-2015-3957.json +++ b/2015/3xxx/CVE-2015-3957.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3957", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Hospira LifeCare PCA Infusion System before 7.0 stores private keys and certificates, which has unspecified impact and attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2015-3957", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htm", - "refsource" : "MISC", - "url" : "http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htm" - }, - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01B", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01B" - }, - { - "name" : "75136", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75136" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Hospira LifeCare PCA Infusion System before 7.0 stores private keys and certificates, which has unspecified impact and attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htm", + "refsource": "MISC", + "url": "http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htm" + }, + { + "name": "75136", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75136" + }, + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01B", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01B" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6926.json b/2015/6xxx/CVE-2015-6926.json index efd3ce535c4..52ced7043a5 100644 --- a/2015/6xxx/CVE-2015-6926.json +++ b/2015/6xxx/CVE-2015-6926.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6926", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The OpenID Single Sign-On authentication functionality in OXID eShop before 4.5.0 allows remote attackers to impersonate users via the email address in a crafted authentication token." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6926", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.oxid-esales.com/view.php?id=6224", - "refsource" : "CONFIRM", - "url" : "https://bugs.oxid-esales.com/view.php?id=6224" - }, - { - "name" : "https://oxidforge.org/en/oxid-security-bulletin-2015-001.html", - "refsource" : "CONFIRM", - "url" : "https://oxidforge.org/en/oxid-security-bulletin-2015-001.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The OpenID Single Sign-On authentication functionality in OXID eShop before 4.5.0 allows remote attackers to impersonate users via the email address in a crafted authentication token." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://oxidforge.org/en/oxid-security-bulletin-2015-001.html", + "refsource": "CONFIRM", + "url": "https://oxidforge.org/en/oxid-security-bulletin-2015-001.html" + }, + { + "name": "https://bugs.oxid-esales.com/view.php?id=6224", + "refsource": "CONFIRM", + "url": "https://bugs.oxid-esales.com/view.php?id=6224" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6937.json b/2015/6xxx/CVE-2015-6937.json index b237332f5a6..038ace4c8d8 100644 --- a/2015/6xxx/CVE-2015-6937.json +++ b/2015/6xxx/CVE-2015-6937.json @@ -1,212 +1,212 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6937", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6937", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150914 CVE-2015-6937 - Linux kernel - NULL pointer dereference in net/rds/connection.c", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/09/14/3" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=74e98eb085889b0d2d4908f59f6e00026063014f", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=74e98eb085889b0d2d4908f59f6e00026063014f" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1263139", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1263139" - }, - { - "name" : "https://github.com/torvalds/linux/commit/74e98eb085889b0d2d4908f59f6e00026063014f", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/74e98eb085889b0d2d4908f59f6e00026063014f" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" - }, - { - "name" : "DSA-3364", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3364" - }, - { - "name" : "FEDORA-2015-16417", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167358.html" - }, - { - "name" : "FEDORA-2015-16440", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168447.html" - }, - { - "name" : "FEDORA-2015-16441", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168539.html" - }, - { - "name" : "SUSE-SU-2016:2074", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html" - }, - { - "name" : "SUSE-SU-2016:0335", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html" - }, - { - "name" : "SUSE-SU-2016:0337", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html" - }, - { - "name" : "SUSE-SU-2016:0354", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html" - }, - { - "name" : "SUSE-SU-2016:0380", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html" - }, - { - "name" : "SUSE-SU-2016:0381", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html" - }, - { - "name" : "SUSE-SU-2016:0383", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html" - }, - { - "name" : "SUSE-SU-2016:0384", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html" - }, - { - "name" : "SUSE-SU-2016:0386", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html" - }, - { - "name" : "SUSE-SU-2016:0387", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html" - }, - { - "name" : "SUSE-SU-2016:0434", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html" - }, - { - "name" : "SUSE-SU-2015:2108", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html" - }, - { - "name" : "SUSE-SU-2015:2339", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html" - }, - { - "name" : "SUSE-SU-2015:2350", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html" - }, - { - "name" : "openSUSE-SU-2015:2232", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html" - }, - { - "name" : "SUSE-SU-2015:1727", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html" - }, - { - "name" : "USN-2777-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2777-1" - }, - { - "name" : "USN-2773-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2773-1" - }, - { - "name" : "USN-2774-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2774-1" - }, - { - "name" : "76767", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76767" - }, - { - "name" : "1034453", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034453" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:0337", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html" + }, + { + "name": "SUSE-SU-2015:2350", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html" + }, + { + "name": "SUSE-SU-2016:0434", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html" + }, + { + "name": "DSA-3364", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3364" + }, + { + "name": "FEDORA-2015-16440", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168447.html" + }, + { + "name": "SUSE-SU-2015:1727", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1263139", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1263139" + }, + { + "name": "1034453", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034453" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=74e98eb085889b0d2d4908f59f6e00026063014f", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=74e98eb085889b0d2d4908f59f6e00026063014f" + }, + { + "name": "openSUSE-SU-2015:2232", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html" + }, + { + "name": "SUSE-SU-2016:0380", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html" + }, + { + "name": "SUSE-SU-2016:0354", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html" + }, + { + "name": "SUSE-SU-2016:0335", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html" + }, + { + "name": "SUSE-SU-2015:2339", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html" + }, + { + "name": "SUSE-SU-2015:2108", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" + }, + { + "name": "[oss-security] 20150914 CVE-2015-6937 - Linux kernel - NULL pointer dereference in net/rds/connection.c", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/09/14/3" + }, + { + "name": "USN-2774-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2774-1" + }, + { + "name": "SUSE-SU-2016:0383", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html" + }, + { + "name": "https://github.com/torvalds/linux/commit/74e98eb085889b0d2d4908f59f6e00026063014f", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/74e98eb085889b0d2d4908f59f6e00026063014f" + }, + { + "name": "FEDORA-2015-16417", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167358.html" + }, + { + "name": "76767", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76767" + }, + { + "name": "USN-2773-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2773-1" + }, + { + "name": "SUSE-SU-2016:0386", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html" + }, + { + "name": "FEDORA-2015-16441", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168539.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" + }, + { + "name": "SUSE-SU-2016:2074", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html" + }, + { + "name": "SUSE-SU-2016:0384", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html" + }, + { + "name": "SUSE-SU-2016:0387", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html" + }, + { + "name": "USN-2777-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2777-1" + }, + { + "name": "SUSE-SU-2016:0381", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7105.json b/2015/7xxx/CVE-2015-7105.json index 5a5821c7acd..fea8d68caa8 100644 --- a/2015/7xxx/CVE-2015-7105.json +++ b/2015/7xxx/CVE-2015-7105.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7105", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CoreGraphics in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-7105", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205635", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205635" - }, - { - "name" : "https://support.apple.com/HT205637", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205637" - }, - { - "name" : "https://support.apple.com/HT205640", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205640" - }, - { - "name" : "https://support.apple.com/HT205641", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205641" - }, - { - "name" : "APPLE-SA-2015-12-08-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" - }, - { - "name" : "APPLE-SA-2015-12-08-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" - }, - { - "name" : "APPLE-SA-2015-12-08-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" - }, - { - "name" : "APPLE-SA-2015-12-08-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" - }, - { - "name" : "78719", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78719" - }, - { - "name" : "1034344", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034344" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CoreGraphics in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT205635", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205635" + }, + { + "name": "https://support.apple.com/HT205637", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205637" + }, + { + "name": "1034344", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034344" + }, + { + "name": "APPLE-SA-2015-12-08-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" + }, + { + "name": "APPLE-SA-2015-12-08-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" + }, + { + "name": "78719", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78719" + }, + { + "name": "APPLE-SA-2015-12-08-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" + }, + { + "name": "https://support.apple.com/HT205641", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205641" + }, + { + "name": "https://support.apple.com/HT205640", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205640" + }, + { + "name": "APPLE-SA-2015-12-08-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7435.json b/2015/7xxx/CVE-2015-7435.json index 603ed364805..d1eb1249da9 100644 --- a/2015/7xxx/CVE-2015-7435.json +++ b/2015/7xxx/CVE-2015-7435.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7435", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Tivoli Common Reporting (TCR) 2.1 before IF14, 2.1.1 before IF22, 2.1.1.2 before IF9, 3.1.0.0 through 3.1.2 as used in Cognos Business Intelligence before 10.2 IF16, and 3.1.2.1 as used in Cognos Business Intelligence before 10.2.1.1 IF12 allows local users to bypass the Cognos Application Firewall (CAF) protection mechanism via leading whitespace in the BackURL field." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-7435", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21972799", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21972799" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Tivoli Common Reporting (TCR) 2.1 before IF14, 2.1.1 before IF22, 2.1.1.2 before IF9, 3.1.0.0 through 3.1.2 as used in Cognos Business Intelligence before 10.2 IF16, and 3.1.2.1 as used in Cognos Business Intelligence before 10.2.1.1 IF12 allows local users to bypass the Cognos Application Firewall (CAF) protection mechanism via leading whitespace in the BackURL field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21972799", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972799" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7951.json b/2015/7xxx/CVE-2015-7951.json index 4feb799404d..c48a3b8d38c 100644 --- a/2015/7xxx/CVE-2015-7951.json +++ b/2015/7xxx/CVE-2015-7951.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7951", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7951", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8963.json b/2015/8xxx/CVE-2015-8963.json index 0d5dbc2aeea..eb5d946adc5 100644 --- a/2015/8xxx/CVE-2015-8963.json +++ b/2015/8xxx/CVE-2015-8963.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8963", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Race condition in kernel/events/core.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an swevent data structure during a CPU unplug operation." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2015-8963", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=12ca6ad2e3a896256f086497a7c7406a547ee373", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=12ca6ad2e3a896256f086497a7c7406a547ee373" - }, - { - "name" : "http://source.android.com/security/bulletin/2016-11-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-11-01.html" - }, - { - "name" : "https://github.com/torvalds/linux/commit/12ca6ad2e3a896256f086497a7c7406a547ee373", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/12ca6ad2e3a896256f086497a7c7406a547ee373" - }, - { - "name" : "94207", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94207" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Race condition in kernel/events/core.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an swevent data structure during a CPU unplug operation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=12ca6ad2e3a896256f086497a7c7406a547ee373", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=12ca6ad2e3a896256f086497a7c7406a547ee373" + }, + { + "name": "http://source.android.com/security/bulletin/2016-11-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-11-01.html" + }, + { + "name": "94207", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94207" + }, + { + "name": "https://github.com/torvalds/linux/commit/12ca6ad2e3a896256f086497a7c7406a547ee373", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/12ca6ad2e3a896256f086497a7c7406a547ee373" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9031.json b/2015/9xxx/CVE-2015-9031.json index f47a33d717a..f07099f1abe 100644 --- a/2015/9xxx/CVE-2015-9031.json +++ b/2015/9xxx/CVE-2015-9031.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "ID" : "CVE-2015-9031", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "All Qualcomm products", - "version" : { - "version_data" : [ - { - "version_value" : "All Android releases from CAF using the Linux kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In all Android releases from CAF using the Linux kernel, a TZ memory address is exposed to HLOS by HDCP." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Exposure Vulnerability in TrustZone" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "ID": "CVE-2015-9031", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "All Qualcomm products", + "version": { + "version_data": [ + { + "version_value": "All Android releases from CAF using the Linux kernel" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-06-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-06-01" - }, - { - "name" : "98874", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/98874" - }, - { - "name" : "1038623", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038623" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In all Android releases from CAF using the Linux kernel, a TZ memory address is exposed to HLOS by HDCP." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Exposure Vulnerability in TrustZone" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-06-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-06-01" + }, + { + "name": "98874", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/98874" + }, + { + "name": "1038623", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038623" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0014.json b/2016/0xxx/CVE-2016-0014.json index 59238450e2b..f2ba6c0e1cc 100644 --- a/2016/0xxx/CVE-2016-0014.json +++ b/2016/0xxx/CVE-2016-0014.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0014", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka \"DLL Loading Elevation of Privilege Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0014", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-007", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-007" - }, - { - "name" : "1034661", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034661" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka \"DLL Loading Elevation of Privilege Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS16-007", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-007" + }, + { + "name": "1034661", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034661" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0345.json b/2016/0xxx/CVE-2016-0345.json index c5ab17fe5ee..356d4a3cdee 100644 --- a/2016/0xxx/CVE-2016-0345.json +++ b/2016/0xxx/CVE-2016-0345.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0345", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to obtain the installation path via vectors involving Birt report rendering. IBM X-Force ID: 111786." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0345", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21980233", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21980233" - }, - { - "name" : "ibm-tririga-cve20160345-info-disc(111786)", - "refsource" : "XF", - "url" : "http://exchange.xforce.ibmcloud.com/vulnerabilities/111786" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to obtain the installation path via vectors involving Birt report rendering. IBM X-Force ID: 111786." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ibm-tririga-cve20160345-info-disc(111786)", + "refsource": "XF", + "url": "http://exchange.xforce.ibmcloud.com/vulnerabilities/111786" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21980233", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21980233" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0707.json b/2016/0xxx/CVE-2016-0707.json index fa41600c65e..ace624b40b1 100644 --- a/2016/0xxx/CVE-2016-0707.json +++ b/2016/0xxx/CVE-2016-0707.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-0707", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The agent in Apache Ambari before 2.1.2 uses weak permissions for the (1) /var/lib/ambari-agent/data and (2) /var/lib/ambari-agent/keys directories, which allows local users to obtain sensitive information by reading files in the directories." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-0707", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.1.2", - "refsource" : "CONFIRM", - "url" : "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.1.2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The agent in Apache Ambari before 2.1.2 uses weak permissions for the (1) /var/lib/ambari-agent/data and (2) /var/lib/ambari-agent/keys directories, which allows local users to obtain sensitive information by reading files in the directories." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.1.2", + "refsource": "CONFIRM", + "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.1.2" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0734.json b/2016/0xxx/CVE-2016-0734.json index e71a208c6b5..ebf80ad7727 100644 --- a/2016/0xxx/CVE-2016-0734.json +++ b/2016/0xxx/CVE-2016-0734.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-0734", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The web-based administration console in Apache ActiveMQ 5.x before 5.13.2 does not send an X-Frame-Options HTTP header, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web page that contains a (1) FRAME or (2) IFRAME element." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-0734", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160310 [ANNOUNCE] CVE-2016-0734: ActiveMQ Web Console - Clickjacking", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/03/10/11" - }, - { - "name" : "http://activemq.apache.org/security-advisories.data/CVE-2016-0734-announcement.txt", - "refsource" : "CONFIRM", - "url" : "http://activemq.apache.org/security-advisories.data/CVE-2016-0734-announcement.txt" - }, - { - "name" : "RHSA-2016:1424", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1424" - }, - { - "name" : "84321", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84321" - }, - { - "name" : "1035327", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035327" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The web-based administration console in Apache ActiveMQ 5.x before 5.13.2 does not send an X-Frame-Options HTTP header, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web page that contains a (1) FRAME or (2) IFRAME element." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2016:1424", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1424" + }, + { + "name": "1035327", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035327" + }, + { + "name": "[oss-security] 20160310 [ANNOUNCE] CVE-2016-0734: ActiveMQ Web Console - Clickjacking", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/03/10/11" + }, + { + "name": "http://activemq.apache.org/security-advisories.data/CVE-2016-0734-announcement.txt", + "refsource": "CONFIRM", + "url": "http://activemq.apache.org/security-advisories.data/CVE-2016-0734-announcement.txt" + }, + { + "name": "84321", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84321" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1129.json b/2016/1xxx/CVE-2016-1129.json index 91cbe4d99aa..5bca019b9b0 100644 --- a/2016/1xxx/CVE-2016-1129.json +++ b/2016/1xxx/CVE-2016-1129.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1129", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-1129", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" - }, - { - "name" : "1035828", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035828" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035828", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035828" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1174.json b/2016/1xxx/CVE-2016-1174.json index c5e43fc3730..9fabe203e25 100644 --- a/2016/1xxx/CVE-2016-1174.json +++ b/2016/1xxx/CVE-2016-1174.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1174", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in the Menubook plugin before 0.9.3 for baserCMS allows remote attackers to hijack the authentication of administrators." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-1174", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://hiniarata.jp/news/archives/55", - "refsource" : "CONFIRM", - "url" : "https://hiniarata.jp/news/archives/55" - }, - { - "name" : "JVN#26627848", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN26627848/index.html" - }, - { - "name" : "JVNDB-2016-000043", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000043" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in the Menubook plugin before 0.9.3 for baserCMS allows remote attackers to hijack the authentication of administrators." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#26627848", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN26627848/index.html" + }, + { + "name": "https://hiniarata.jp/news/archives/55", + "refsource": "CONFIRM", + "url": "https://hiniarata.jp/news/archives/55" + }, + { + "name": "JVNDB-2016-000043", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000043" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1264.json b/2016/1xxx/CVE-2016-1264.json index 4945ae47a9a..981589fe00c 100644 --- a/2016/1xxx/CVE-2016-1264.json +++ b/2016/1xxx/CVE-2016-1264.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1264", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Race condition in the Op command in Juniper Junos OS before 12.1X44-D55, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D20, 12.3X50 before 12.3X50-D50, 13.2 before 13.2R8, 13.2X51 before 13.2X51-D39, 13.2X52 before 13.2X52-D30, 13.3 before 13.3R7, 14.1 before 14.1R6, 14.1X53 before 14.1X53-D30, 14.2 before 14.2R4, 15.1 before 15.1F2 or 15.1R2, 15.1X49 before 15.1X49-D10 or 15.1X49-D20, and 16.1 before 16.1R1 allows remote authenticated users to gain privileges via the URL option." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1264", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10725", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10725" - }, - { - "name" : "1035669", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035669" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Race condition in the Op command in Juniper Junos OS before 12.1X44-D55, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D20, 12.3X50 before 12.3X50-D50, 13.2 before 13.2R8, 13.2X51 before 13.2X51-D39, 13.2X52 before 13.2X52-D30, 13.3 before 13.3R7, 14.1 before 14.1R6, 14.1X53 before 14.1X53-D30, 14.2 before 14.2R4, 15.1 before 15.1F2 or 15.1R2, 15.1X49 before 15.1X49-D10 or 15.1X49-D20, and 16.1 before 16.1R1 allows remote authenticated users to gain privileges via the URL option." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035669", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035669" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10725", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10725" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5108.json b/2016/5xxx/CVE-2016-5108.json index 4627df80c2c..bc238273eb1 100644 --- a/2016/5xxx/CVE-2016-5108.json +++ b/2016/5xxx/CVE-2016-5108.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5108", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player before 2.2.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted QuickTime IMA file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5108", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.videolan.org/security/sa1601.html", - "refsource" : "CONFIRM", - "url" : "http://www.videolan.org/security/sa1601.html" - }, - { - "name" : "DSA-3598", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3598" - }, - { - "name" : "GLSA-201701-39", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-39" - }, - { - "name" : "openSUSE-SU-2016:1651", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00045.html" - }, - { - "name" : "90924", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90924" - }, - { - "name" : "1036009", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036009" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player before 2.2.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted QuickTime IMA file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:1651", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00045.html" + }, + { + "name": "1036009", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036009" + }, + { + "name": "DSA-3598", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3598" + }, + { + "name": "90924", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90924" + }, + { + "name": "GLSA-201701-39", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-39" + }, + { + "name": "http://www.videolan.org/security/sa1601.html", + "refsource": "CONFIRM", + "url": "http://www.videolan.org/security/sa1601.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5210.json b/2016/5xxx/CVE-2016-5210.json index a0c61fb3c81..54fd6427ea8 100644 --- a/2016/5xxx/CVE-2016-5210.json +++ b/2016/5xxx/CVE-2016-5210.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2016-5210", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android", - "version" : { - "version_data" : [ - { - "version_value" : "Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap buffer overflow during TIFF image parsing in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "heap buffer overflow" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-5210", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android", + "version": { + "version_data": [ + { + "version_value": "Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html", - "refsource" : "CONFIRM", - "url" : "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html" - }, - { - "name" : "https://crbug.com/654183", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/654183" - }, - { - "name" : "GLSA-201612-11", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201612-11" - }, - { - "name" : "RHSA-2016:2919", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2919.html" - }, - { - "name" : "94633", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94633" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap buffer overflow during TIFF image parsing in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "heap buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2016:2919", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2919.html" + }, + { + "name": "94633", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94633" + }, + { + "name": "https://crbug.com/654183", + "refsource": "CONFIRM", + "url": "https://crbug.com/654183" + }, + { + "name": "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html", + "refsource": "CONFIRM", + "url": "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html" + }, + { + "name": "GLSA-201612-11", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201612-11" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5337.json b/2016/5xxx/CVE-2016-5337.json index 501c89f7e9c..20d5933c570 100644 --- a/2016/5xxx/CVE-2016-5337.json +++ b/2016/5xxx/CVE-2016-5337.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5337", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-5337", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160608 CVE Request Qemu: scsi: megasas: information leakage in megasas_ctrl_get_info", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/08/3" - }, - { - "name" : "[oss-security] 20160608 Re: CVE Request Qemu: scsi: megasas: information leakage in megasas_ctrl_get_info", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/08/13" - }, - { - "name" : "[qemu-devel] 20160607 [PULL 06/13] scsi: megasas: null terminate bios version buffer", - "refsource" : "MLIST", - "url" : "https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg01969.html" - }, - { - "name" : "[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html" - }, - { - "name" : "http://git.qemu.org/?p=qemu.git;a=commit;h=844864fbae66935951529408831c2f22367a57b6", - "refsource" : "CONFIRM", - "url" : "http://git.qemu.org/?p=qemu.git;a=commit;h=844864fbae66935951529408831c2f22367a57b6" - }, - { - "name" : "GLSA-201609-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201609-01" - }, - { - "name" : "USN-3047-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3047-1" - }, - { - "name" : "USN-3047-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3047-2" - }, - { - "name" : "91097", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91097" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-3047-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3047-1" + }, + { + "name": "http://git.qemu.org/?p=qemu.git;a=commit;h=844864fbae66935951529408831c2f22367a57b6", + "refsource": "CONFIRM", + "url": "http://git.qemu.org/?p=qemu.git;a=commit;h=844864fbae66935951529408831c2f22367a57b6" + }, + { + "name": "91097", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91097" + }, + { + "name": "GLSA-201609-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201609-01" + }, + { + "name": "USN-3047-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3047-2" + }, + { + "name": "[oss-security] 20160608 Re: CVE Request Qemu: scsi: megasas: information leakage in megasas_ctrl_get_info", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/08/13" + }, + { + "name": "[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html" + }, + { + "name": "[qemu-devel] 20160607 [PULL 06/13] scsi: megasas: null terminate bios version buffer", + "refsource": "MLIST", + "url": "https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg01969.html" + }, + { + "name": "[oss-security] 20160608 CVE Request Qemu: scsi: megasas: information leakage in megasas_ctrl_get_info", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/08/3" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5615.json b/2016/5xxx/CVE-2016-5615.json index 143c3a071c4..b657ce2cf09 100644 --- a/2016/5xxx/CVE-2016-5615.json +++ b/2016/5xxx/CVE-2016-5615.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5615", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Lynx." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5615", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93763", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93763" - }, - { - "name" : "1037048", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037048" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Lynx." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93763", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93763" + }, + { + "name": "1037048", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037048" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5693.json b/2016/5xxx/CVE-2016-5693.json index d378c837f50..30dc88708df 100644 --- a/2016/5xxx/CVE-2016-5693.json +++ b/2016/5xxx/CVE-2016-5693.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5693", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5693", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5845.json b/2016/5xxx/CVE-2016-5845.json index 9ddd5978f5a..bb78b0a245c 100644 --- a/2016/5xxx/CVE-2016-5845.json +++ b/2016/5xxx/CVE-2016-5845.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5845", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SAP SAPCAR does not check the return value of file operations when extracting files, which allows remote attackers to cause a denial of service (program crash) via an invalid file name in an archive file, aka SAP Security Note 2312905." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5845", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160810 [CORE-2016-0006] - SAP CAR Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/539180/100/0/threaded" - }, - { - "name" : "40230", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40230/" - }, - { - "name" : "20160810 [CORE-2016-0006] - SAP CAR Multiple Vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Aug/46" - }, - { - "name" : "http://packetstormsecurity.com/files/138284/SAP-CAR-Archive-Tool-Denial-Of-Service-Security-Bypass.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/138284/SAP-CAR-Archive-Tool-Denial-Of-Service-Security-Bypass.html" - }, - { - "name" : "https://www.coresecurity.com/advisories/sap-car-multiple-vulnerabilities", - "refsource" : "MISC", - "url" : "https://www.coresecurity.com/advisories/sap-car-multiple-vulnerabilities" - }, - { - "name" : "https://www.onapsis.com/blog/denial-service-attacks-sap-security-notes-august-2016", - "refsource" : "MISC", - "url" : "https://www.onapsis.com/blog/denial-service-attacks-sap-security-notes-august-2016" - }, - { - "name" : "92406", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92406" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SAP SAPCAR does not check the return value of file operations when extracting files, which allows remote attackers to cause a denial of service (program crash) via an invalid file name in an archive file, aka SAP Security Note 2312905." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "40230", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40230/" + }, + { + "name": "20160810 [CORE-2016-0006] - SAP CAR Multiple Vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Aug/46" + }, + { + "name": "92406", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92406" + }, + { + "name": "https://www.onapsis.com/blog/denial-service-attacks-sap-security-notes-august-2016", + "refsource": "MISC", + "url": "https://www.onapsis.com/blog/denial-service-attacks-sap-security-notes-august-2016" + }, + { + "name": "20160810 [CORE-2016-0006] - SAP CAR Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/539180/100/0/threaded" + }, + { + "name": "http://packetstormsecurity.com/files/138284/SAP-CAR-Archive-Tool-Denial-Of-Service-Security-Bypass.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/138284/SAP-CAR-Archive-Tool-Denial-Of-Service-Security-Bypass.html" + }, + { + "name": "https://www.coresecurity.com/advisories/sap-car-multiple-vulnerabilities", + "refsource": "MISC", + "url": "https://www.coresecurity.com/advisories/sap-car-multiple-vulnerabilities" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0896.json b/2019/0xxx/CVE-2019-0896.json index e9241f77fb8..8ae983d9f47 100644 --- a/2019/0xxx/CVE-2019-0896.json +++ b/2019/0xxx/CVE-2019-0896.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0896", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0896", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0997.json b/2019/0xxx/CVE-2019-0997.json index 9af5610e97b..341bb9283ba 100644 --- a/2019/0xxx/CVE-2019-0997.json +++ b/2019/0xxx/CVE-2019-0997.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0997", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0997", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0999.json b/2019/0xxx/CVE-2019-0999.json index 66450f52400..f5e68007fc0 100644 --- a/2019/0xxx/CVE-2019-0999.json +++ b/2019/0xxx/CVE-2019-0999.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0999", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0999", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1320.json b/2019/1xxx/CVE-2019-1320.json index 6605a8efc88..2de324172c4 100644 --- a/2019/1xxx/CVE-2019-1320.json +++ b/2019/1xxx/CVE-2019-1320.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1320", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1320", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1373.json b/2019/1xxx/CVE-2019-1373.json index 4bb0df60d26..c064ea8a736 100644 --- a/2019/1xxx/CVE-2019-1373.json +++ b/2019/1xxx/CVE-2019-1373.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1373", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1373", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1396.json b/2019/1xxx/CVE-2019-1396.json index 05bdc418754..7641c1c19fa 100644 --- a/2019/1xxx/CVE-2019-1396.json +++ b/2019/1xxx/CVE-2019-1396.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1396", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1396", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1594.json b/2019/1xxx/CVE-2019-1594.json index 20c467e76bc..df49065ec2b 100644 --- a/2019/1xxx/CVE-2019-1594.json +++ b/2019/1xxx/CVE-2019-1594.json @@ -1,166 +1,166 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@cisco.com", - "DATE_PUBLIC" : "2019-03-06T16:00:00-0800", - "ID" : "CVE-2019-1594", - "STATE" : "PUBLIC", - "TITLE" : "Cisco NX-OS Software 802.1X Extensible Authentication Protocol over LAN Denial of Service Vulnerability" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Nexus 1000V Switch for VMware vSphere", - "version" : { - "version_data" : [ - { - "affected" : "<", - "version_value" : "5.2(1)SV3(1.4b)" - } - ] - } - }, - { - "product_name" : "Nexus 3000 Series Switches", - "version" : { - "version_data" : [ - { - "affected" : "<", - "version_value" : "7.0(3)I7(4)" - } - ] - } - }, - { - "product_name" : "Nexus 3500 Platform Switches", - "version" : { - "version_data" : [ - { - "affected" : "<", - "version_value" : "7.0(3)I7(4)" - } - ] - } - }, - { - "product_name" : "Nexus 2000, 5500, 5600, and 6000 Series Switches", - "version" : { - "version_data" : [ - { - "affected" : "<", - "version_value" : "7.3(5)N1(1)" - }, - { - "affected" : "<", - "version_value" : "7.1(5)N1(1b)" - } - ] - } - }, - { - "product_name" : "Nexus 7000 and 7700 Series Switches", - "version" : { - "version_data" : [ - { - "affected" : "<", - "version_value" : "8.2(3)" - } - ] - } - }, - { - "product_name" : "Nexus 9000 Series Fabric Switches in ACI Mode", - "version" : { - "version_data" : [ - { - "affected" : "<", - "version_value" : "13.2(1l)" - } - ] - } - }, - { - "product_name" : "Nexus 9000 Series Switches in Standalone NX-OS Mode", - "version" : { - "version_data" : [ - { - "affected" : "<", - "version_value" : "7.0(3)I7(4)" - } - ] - } - } - ] - }, - "vendor_name" : "Cisco" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability in the 802.1X implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete input validation of Extensible Authentication Protocol over LAN (EAPOL) frames. An attacker could exploit this vulnerability by sending a crafted EAPOL frame to an interface on the targeted device. A successful exploit could allow the attacker to cause the Layer 2 (L2) forwarding process to restart multiple times, leading to a system-level restart of the device and a DoS condition. Note: This vulnerability affects only NX-OS devices configured with 802.1X functionality. Cisco Nexus 1000V Switch for VMware vSphere devices are affected in versions prior to 5.2(1)SV3(1.4b). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(4). Nexus 3500 Platform Switches are affected in versions prior to 7.0(3)I7(4). Nexus 2000, 5500, 5600, and 6000 Series Switches are affected in versions prior to 7.3(5)N1(1) and 7.1(5)N1(1b). Nexus 7000 and 7700 Series Switches are affected in versions prior to 8.2(3). Nexus 9000 Series Fabric Switches in ACI Mode are affected in versions prior to 13.2(1l). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected in versions prior to 7.0(3)I7(4)." - } - ] - }, - "exploit" : [ - { - "lang" : "eng", - "value" : "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " - } - ], - "impact" : { - "cvss" : { - "baseScore" : "7.4", - "vectorString" : "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H ", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-264" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2019-03-06T16:00:00-0800", + "ID": "CVE-2019-1594", + "STATE": "PUBLIC", + "TITLE": "Cisco NX-OS Software 802.1X Extensible Authentication Protocol over LAN Denial of Service Vulnerability" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Nexus 1000V Switch for VMware vSphere", + "version": { + "version_data": [ + { + "affected": "<", + "version_value": "5.2(1)SV3(1.4b)" + } + ] + } + }, + { + "product_name": "Nexus 3000 Series Switches", + "version": { + "version_data": [ + { + "affected": "<", + "version_value": "7.0(3)I7(4)" + } + ] + } + }, + { + "product_name": "Nexus 3500 Platform Switches", + "version": { + "version_data": [ + { + "affected": "<", + "version_value": "7.0(3)I7(4)" + } + ] + } + }, + { + "product_name": "Nexus 2000, 5500, 5600, and 6000 Series Switches", + "version": { + "version_data": [ + { + "affected": "<", + "version_value": "7.3(5)N1(1)" + }, + { + "affected": "<", + "version_value": "7.1(5)N1(1b)" + } + ] + } + }, + { + "product_name": "Nexus 7000 and 7700 Series Switches", + "version": { + "version_data": [ + { + "affected": "<", + "version_value": "8.2(3)" + } + ] + } + }, + { + "product_name": "Nexus 9000 Series Fabric Switches in ACI Mode", + "version": { + "version_data": [ + { + "affected": "<", + "version_value": "13.2(1l)" + } + ] + } + }, + { + "product_name": "Nexus 9000 Series Switches in Standalone NX-OS Mode", + "version": { + "version_data": [ + { + "affected": "<", + "version_value": "7.0(3)I7(4)" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20190306 Cisco NX-OS Software 802.1X Extensible Authentication Protocol over LAN Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nx-os-lan-auth" - }, - { - "name" : "107325", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/107325" - } - ] - }, - "source" : { - "advisory" : "cisco-sa-20190306-nx-os-lan-auth", - "defect" : [ - [ - "CSCvi93959", - "CSCvj22443", - "CSCvj22446", - "CSCvj22447", - "CSCvj22449" - ] - ], - "discovery" : "INTERNAL" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in the 802.1X implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete input validation of Extensible Authentication Protocol over LAN (EAPOL) frames. An attacker could exploit this vulnerability by sending a crafted EAPOL frame to an interface on the targeted device. A successful exploit could allow the attacker to cause the Layer 2 (L2) forwarding process to restart multiple times, leading to a system-level restart of the device and a DoS condition. Note: This vulnerability affects only NX-OS devices configured with 802.1X functionality. Cisco Nexus 1000V Switch for VMware vSphere devices are affected in versions prior to 5.2(1)SV3(1.4b). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(4). Nexus 3500 Platform Switches are affected in versions prior to 7.0(3)I7(4). Nexus 2000, 5500, 5600, and 6000 Series Switches are affected in versions prior to 7.3(5)N1(1) and 7.1(5)N1(1b). Nexus 7000 and 7700 Series Switches are affected in versions prior to 8.2(3). Nexus 9000 Series Fabric Switches in ACI Mode are affected in versions prior to 13.2(1l). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected in versions prior to 7.0(3)I7(4)." + } + ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "7.4", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-264" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "107325", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/107325" + }, + { + "name": "20190306 Cisco NX-OS Software 802.1X Extensible Authentication Protocol over LAN Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nx-os-lan-auth" + } + ] + }, + "source": { + "advisory": "cisco-sa-20190306-nx-os-lan-auth", + "defect": [ + [ + "CSCvi93959", + "CSCvj22443", + "CSCvj22446", + "CSCvj22447", + "CSCvj22449" + ] + ], + "discovery": "INTERNAL" + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4321.json b/2019/4xxx/CVE-2019-4321.json index b83b502b728..a42dddb8095 100644 --- a/2019/4xxx/CVE-2019-4321.json +++ b/2019/4xxx/CVE-2019-4321.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4321", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4321", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4352.json b/2019/4xxx/CVE-2019-4352.json index 450d45be33d..e511ea73731 100644 --- a/2019/4xxx/CVE-2019-4352.json +++ b/2019/4xxx/CVE-2019-4352.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4352", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4352", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4499.json b/2019/4xxx/CVE-2019-4499.json index ec21a9d936d..122b9b0faae 100644 --- a/2019/4xxx/CVE-2019-4499.json +++ b/2019/4xxx/CVE-2019-4499.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4499", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4499", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4645.json b/2019/4xxx/CVE-2019-4645.json index 42bbac0590c..1a00082c6d0 100644 --- a/2019/4xxx/CVE-2019-4645.json +++ b/2019/4xxx/CVE-2019-4645.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4645", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4645", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5338.json b/2019/5xxx/CVE-2019-5338.json index 9fe4875b271..93c8ac61d21 100644 --- a/2019/5xxx/CVE-2019-5338.json +++ b/2019/5xxx/CVE-2019-5338.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5338", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5338", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5480.json b/2019/5xxx/CVE-2019-5480.json index 1168934389b..806cdb0c4ad 100644 --- a/2019/5xxx/CVE-2019-5480.json +++ b/2019/5xxx/CVE-2019-5480.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5480", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5480", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5576.json b/2019/5xxx/CVE-2019-5576.json index c82853e3d10..8828d712748 100644 --- a/2019/5xxx/CVE-2019-5576.json +++ b/2019/5xxx/CVE-2019-5576.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5576", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5576", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8831.json b/2019/8xxx/CVE-2019-8831.json index a071089aeb2..be2eb0a9ba1 100644 --- a/2019/8xxx/CVE-2019-8831.json +++ b/2019/8xxx/CVE-2019-8831.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8831", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8831", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9045.json b/2019/9xxx/CVE-2019-9045.json index 25e605c9d0e..5d5600017cb 100644 --- a/2019/9xxx/CVE-2019-9045.json +++ b/2019/9xxx/CVE-2019-9045.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9045", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9045", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9408.json b/2019/9xxx/CVE-2019-9408.json index 0723900adec..a89b2eeda78 100644 --- a/2019/9xxx/CVE-2019-9408.json +++ b/2019/9xxx/CVE-2019-9408.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9408", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9408", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9443.json b/2019/9xxx/CVE-2019-9443.json index 2e027d9207e..55c0e09f862 100644 --- a/2019/9xxx/CVE-2019-9443.json +++ b/2019/9xxx/CVE-2019-9443.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9443", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9443", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9722.json b/2019/9xxx/CVE-2019-9722.json index bf6d0231b0f..8dd5b9b37c9 100644 --- a/2019/9xxx/CVE-2019-9722.json +++ b/2019/9xxx/CVE-2019-9722.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9722", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9722", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file