From cf346002e683db04baed5edfdf42acea264f277c Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 01:15:21 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2006/1xxx/CVE-2006-1012.json | 160 +++---- 2006/1xxx/CVE-2006-1693.json | 160 +++---- 2006/1xxx/CVE-2006-1748.json | 140 +++--- 2006/1xxx/CVE-2006-1919.json | 170 ++++---- 2006/5xxx/CVE-2006-5144.json | 160 +++---- 2006/5xxx/CVE-2006-5827.json | 170 ++++---- 2007/2xxx/CVE-2007-2492.json | 180 ++++---- 2007/2xxx/CVE-2007-2985.json | 150 +++---- 2007/6xxx/CVE-2007-6101.json | 180 ++++---- 2007/6xxx/CVE-2007-6305.json | 170 ++++---- 2010/0xxx/CVE-2010-0018.json | 200 ++++----- 2010/0xxx/CVE-2010-0842.json | 460 ++++++++++---------- 2010/1xxx/CVE-2010-1558.json | 160 +++---- 2010/1xxx/CVE-2010-1679.json | 240 +++++------ 2010/1xxx/CVE-2010-1916.json | 200 ++++----- 2010/1xxx/CVE-2010-1952.json | 160 +++---- 2010/4xxx/CVE-2010-4197.json | 250 +++++------ 2010/4xxx/CVE-2010-4315.json | 34 +- 2010/4xxx/CVE-2010-4326.json | 240 +++++------ 2010/4xxx/CVE-2010-4450.json | 300 ++++++------- 2010/5xxx/CVE-2010-5053.json | 150 +++---- 2014/0xxx/CVE-2014-0425.json | 170 ++++---- 2014/0xxx/CVE-2014-0453.json | 750 ++++++++++++++++----------------- 2014/0xxx/CVE-2014-0674.json | 180 ++++---- 2014/0xxx/CVE-2014-0684.json | 130 +++--- 2014/10xxx/CVE-2014-10048.json | 132 +++--- 2014/1xxx/CVE-2014-1232.json | 150 +++---- 2014/1xxx/CVE-2014-1371.json | 150 +++---- 2014/4xxx/CVE-2014-4835.json | 130 +++--- 2014/4xxx/CVE-2014-4932.json | 130 +++--- 2014/9xxx/CVE-2014-9749.json | 160 +++---- 2014/9xxx/CVE-2014-9823.json | 150 +++---- 2014/9xxx/CVE-2014-9904.json | 190 ++++----- 2014/9xxx/CVE-2014-9910.json | 130 +++--- 2016/3xxx/CVE-2016-3236.json | 130 +++--- 2016/3xxx/CVE-2016-3362.json | 140 +++--- 2016/3xxx/CVE-2016-3869.json | 140 +++--- 2016/6xxx/CVE-2016-6387.json | 34 +- 2016/6xxx/CVE-2016-6575.json | 34 +- 2016/7xxx/CVE-2016-7024.json | 34 +- 2016/7xxx/CVE-2016-7241.json | 180 ++++---- 2016/7xxx/CVE-2016-7338.json | 34 +- 2016/7xxx/CVE-2016-7574.json | 34 +- 2016/7xxx/CVE-2016-7736.json | 34 +- 2016/8xxx/CVE-2016-8095.json | 34 +- 2016/8xxx/CVE-2016-8876.json | 130 +++--- 46 files changed, 3772 insertions(+), 3772 deletions(-) diff --git a/2006/1xxx/CVE-2006-1012.json b/2006/1xxx/CVE-2006-1012.json index 363a32df508..71f26a8b67d 100644 --- a/2006/1xxx/CVE-2006-1012.json +++ b/2006/1xxx/CVE-2006-1012.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1012", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in WordPress 1.5.2, and possibly other versions before 2.0, allows remote attackers to execute arbitrary SQL commands via the User-Agent field in an HTTP header for a comment." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1012", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "GLSA-200603-01", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200603-01.xml" - }, - { - "name" : "16950", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16950" - }, - { - "name" : "19109", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19109" - }, - { - "name" : "19123", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19123" - }, - { - "name" : "wordpress-comment-sql-injection(25321)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25321" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in WordPress 1.5.2, and possibly other versions before 2.0, allows remote attackers to execute arbitrary SQL commands via the User-Agent field in an HTTP header for a comment." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "16950", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16950" + }, + { + "name": "wordpress-comment-sql-injection(25321)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25321" + }, + { + "name": "GLSA-200603-01", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-01.xml" + }, + { + "name": "19123", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19123" + }, + { + "name": "19109", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19109" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1693.json b/2006/1xxx/CVE-2006-1693.json index b6e4c3bddcd..83929494bc0 100644 --- a/2006/1xxx/CVE-2006-1693.json +++ b/2006/1xxx/CVE-2006-1693.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1693", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in GlobalSCAPE Secure FTP Server before 3.1.4 Build 01.10.2006 allows attackers to cause a denial of service (application crash) via a \"custom command\" with a long argument." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1693", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.globalscape.com/gsftps/history.asp", - "refsource" : "CONFIRM", - "url" : "http://www.globalscape.com/gsftps/history.asp" - }, - { - "name" : "17398", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17398" - }, - { - "name" : "24451", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24451" - }, - { - "name" : "19547", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19547" - }, - { - "name" : "globalscape-custom-commands-dos(25665)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25665" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in GlobalSCAPE Secure FTP Server before 3.1.4 Build 01.10.2006 allows attackers to cause a denial of service (application crash) via a \"custom command\" with a long argument." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.globalscape.com/gsftps/history.asp", + "refsource": "CONFIRM", + "url": "http://www.globalscape.com/gsftps/history.asp" + }, + { + "name": "24451", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24451" + }, + { + "name": "globalscape-custom-commands-dos(25665)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25665" + }, + { + "name": "19547", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19547" + }, + { + "name": "17398", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17398" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1748.json b/2006/1xxx/CVE-2006-1748.json index 4650bb07ced..53b6deb298c 100644 --- a/2006/1xxx/CVE-2006-1748.json +++ b/2006/1xxx/CVE-2006-1748.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1748", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in XMB Forum 1.9.5 allows remote attackers to inject arbitrary web script or HTML by uploading a Flash (.SWF) video that contains a getURL function call, which causes the video to be rendered without disabling ActionScript." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1748", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060409 XMB Forum 1.9.5-Final XSS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/430432/100/0/threaded" - }, - { - "name" : "17445", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17445" - }, - { - "name" : "xmb-swf-geturl-xss(25737)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25737" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in XMB Forum 1.9.5 allows remote attackers to inject arbitrary web script or HTML by uploading a Flash (.SWF) video that contains a getURL function call, which causes the video to be rendered without disabling ActionScript." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "xmb-swf-geturl-xss(25737)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25737" + }, + { + "name": "17445", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17445" + }, + { + "name": "20060409 XMB Forum 1.9.5-Final XSS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/430432/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1919.json b/2006/1xxx/CVE-2006-1919.json index b206f6384f4..16303e903a1 100644 --- a/2006/1xxx/CVE-2006-1919.json +++ b/2006/1xxx/CVE-2006-1919.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1919", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in index.php in Internet Photoshow 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1919", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "1694", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/1694" - }, - { - "name" : "17620", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17620" - }, - { - "name" : "ADV-2006-1417", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1417" - }, - { - "name" : "24743", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24743" - }, - { - "name" : "19726", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19726" - }, - { - "name" : "ip-index-file-include(25937)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25937" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in index.php in Internet Photoshow 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1694", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/1694" + }, + { + "name": "19726", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19726" + }, + { + "name": "ADV-2006-1417", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1417" + }, + { + "name": "ip-index-file-include(25937)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25937" + }, + { + "name": "17620", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17620" + }, + { + "name": "24743", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24743" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5144.json b/2006/5xxx/CVE-2006-5144.json index 919dd7dffad..db9506d0768 100644 --- a/2006/5xxx/CVE-2006-5144.json +++ b/2006/5xxx/CVE-2006-5144.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5144", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in userupload.php in OlateDownload 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the description_small parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5144", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060930 OlateDownload 3.4.0 Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/447424/100/0/threaded" - }, - { - "name" : "20278", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20278" - }, - { - "name" : "22241", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22241" - }, - { - "name" : "1680", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1680" - }, - { - "name" : "olate-download-userupload-xss(29292)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29292" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in userupload.php in OlateDownload 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the description_small parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1680", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1680" + }, + { + "name": "20060930 OlateDownload 3.4.0 Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/447424/100/0/threaded" + }, + { + "name": "olate-download-userupload-xss(29292)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29292" + }, + { + "name": "20278", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20278" + }, + { + "name": "22241", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22241" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5827.json b/2006/5xxx/CVE-2006-5827.json index 9d51002c18f..8528c0c4b7c 100644 --- a/2006/5xxx/CVE-2006-5827.json +++ b/2006/5xxx/CVE-2006-5827.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5827", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in index.php in phpComasy CMS 0.7.9pre and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) username or (2) password parameters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5827", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061106 MajorSecurity Advisory #32]phpComasy CMS - Multiple Cross Site Scripting Issues", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/450712" - }, - { - "name" : "http://www.majorsecurity.de/index_2.php?major_rls=major_rls32", - "refsource" : "MISC", - "url" : "http://www.majorsecurity.de/index_2.php?major_rls=major_rls32" - }, - { - "name" : "20938", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20938" - }, - { - "name" : "22760", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22760" - }, - { - "name" : "1843", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1843" - }, - { - "name" : "phpcomasy-index-xss(30053)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30053" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in index.php in phpComasy CMS 0.7.9pre and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) username or (2) password parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1843", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1843" + }, + { + "name": "20061106 MajorSecurity Advisory #32]phpComasy CMS - Multiple Cross Site Scripting Issues", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/450712" + }, + { + "name": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls32", + "refsource": "MISC", + "url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls32" + }, + { + "name": "22760", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22760" + }, + { + "name": "20938", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20938" + }, + { + "name": "phpcomasy-index-xss(30053)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30053" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2492.json b/2007/2xxx/CVE-2007-2492.json index 934a110809c..379bd4e99d0 100644 --- a/2007/2xxx/CVE-2007-2492.json +++ b/2007/2xxx/CVE-2007-2492.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2492", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in the v4bJournal module for PostNuke allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a journal_comment action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2492", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070502 Post Nuke v4bJournal Module Sql Inject", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/467387/100/0/threaded" - }, - { - "name" : "3835", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3835" - }, - { - "name" : "23777", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23777" - }, - { - "name" : "ADV-2007-1632", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1632" - }, - { - "name" : "35703", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35703" - }, - { - "name" : "2674", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2674" - }, - { - "name" : "pnjournal-index-sql-injection(34024)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34024" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in the v4bJournal module for PostNuke allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a journal_comment action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2674", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2674" + }, + { + "name": "23777", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23777" + }, + { + "name": "3835", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3835" + }, + { + "name": "pnjournal-index-sql-injection(34024)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34024" + }, + { + "name": "20070502 Post Nuke v4bJournal Module Sql Inject", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/467387/100/0/threaded" + }, + { + "name": "35703", + "refsource": "OSVDB", + "url": "http://osvdb.org/35703" + }, + { + "name": "ADV-2007-1632", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1632" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2985.json b/2007/2xxx/CVE-2007-2985.json index a5fe1312e2a..94ad01892a2 100644 --- a/2007/2xxx/CVE-2007-2985.json +++ b/2007/2xxx/CVE-2007-2985.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2985", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Pheap 2.0 allows remote attackers to bypass authentication by setting a pheap_login cookie value to the administrator's username, which can be used to (1) obtain sensitive information, including the administrator password, via settings.php or (2) upload and execute arbitrary PHP code via an update_doc action in edit.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2985", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4006", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4006" - }, - { - "name" : "36737", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36737" - }, - { - "name" : "25460", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25460" - }, - { - "name" : "pheap-edit-code-execution(34592)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34592" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Pheap 2.0 allows remote attackers to bypass authentication by setting a pheap_login cookie value to the administrator's username, which can be used to (1) obtain sensitive information, including the administrator password, via settings.php or (2) upload and execute arbitrary PHP code via an update_doc action in edit.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "36737", + "refsource": "OSVDB", + "url": "http://osvdb.org/36737" + }, + { + "name": "4006", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4006" + }, + { + "name": "25460", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25460" + }, + { + "name": "pheap-edit-code-execution(34592)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34592" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6101.json b/2007/6xxx/CVE-2007-6101.json index 59f4c2f8ae5..1dac8e88014 100644 --- a/2007/6xxx/CVE-2007-6101.json +++ b/2007/6xxx/CVE-2007-6101.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6101", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Ability Mail Server before 2.61 allows remote authenticated users to cause a denial of service (daemon crash) via (1) malformed number list ranges in unspecified IMAP commands, and possibly (2) a blank string in unspecified messages." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6101", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.code-crafters.com/abilitymailserver/updatelog.html", - "refsource" : "CONFIRM", - "url" : "http://www.code-crafters.com/abilitymailserver/updatelog.html" - }, - { - "name" : "26514", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26514" - }, - { - "name" : "42399", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/42399" - }, - { - "name" : "42400", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/42400" - }, - { - "name" : "27736", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27736" - }, - { - "name" : "ability-blank-string-dos(38586)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38586" - }, - { - "name" : "ability-imap4-dos(38587)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38587" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Ability Mail Server before 2.61 allows remote authenticated users to cause a denial of service (daemon crash) via (1) malformed number list ranges in unspecified IMAP commands, and possibly (2) a blank string in unspecified messages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "42400", + "refsource": "OSVDB", + "url": "http://osvdb.org/42400" + }, + { + "name": "26514", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26514" + }, + { + "name": "27736", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27736" + }, + { + "name": "42399", + "refsource": "OSVDB", + "url": "http://osvdb.org/42399" + }, + { + "name": "http://www.code-crafters.com/abilitymailserver/updatelog.html", + "refsource": "CONFIRM", + "url": "http://www.code-crafters.com/abilitymailserver/updatelog.html" + }, + { + "name": "ability-blank-string-dos(38586)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38586" + }, + { + "name": "ability-imap4-dos(38587)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38587" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6305.json b/2007/6xxx/CVE-2007-6305.json index 95cdd687543..088e45a90ab 100644 --- a/2007/6xxx/CVE-2007-6305.json +++ b/2007/6xxx/CVE-2007-6305.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6305", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 7 R3.2.0 allow attackers to gain privileges via \"some HMC commands.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6305", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4038", - "refsource" : "CONFIRM", - "url" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4038" - }, - { - "name" : "https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power6/install/v7.Readme.html#MH01065", - "refsource" : "CONFIRM", - "url" : "https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power6/install/v7.Readme.html#MH01065" - }, - { - "name" : "MB02226", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=isg1MB02226" - }, - { - "name" : "ADV-2007-4144", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4144" - }, - { - "name" : "1019062", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019062" - }, - { - "name" : "27961", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27961" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 7 R3.2.0 allow attackers to gain privileges via \"some HMC commands.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power6/install/v7.Readme.html#MH01065", + "refsource": "CONFIRM", + "url": "https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power6/install/v7.Readme.html#MH01065" + }, + { + "name": "1019062", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019062" + }, + { + "name": "27961", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27961" + }, + { + "name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4038", + "refsource": "CONFIRM", + "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4038" + }, + { + "name": "MB02226", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1MB02226" + }, + { + "name": "ADV-2007-4144", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4144" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0018.json b/2010/0xxx/CVE-2010-0018.json index 8a4f337a781..706c93d5e7e 100644 --- a/2010/0xxx/CVE-2010-0018.json +++ b/2010/0xxx/CVE-2010-0018.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0018", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the Embedded OpenType (EOT) Font Engine (t2embed.dll) in Microsoft Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code via compressed data that represents a crafted EOT font, aka \"Microtype Express Compressed Fonts Integer Flaw in the LZCOMP Decompressor Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2010-0018", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blogs.technet.com/srd/archive/2010/01/12/ms10-001-font-file-decompression-vulnerability.aspx", - "refsource" : "MISC", - "url" : "http://blogs.technet.com/srd/archive/2010/01/12/ms10-001-font-file-decompression-vulnerability.aspx" - }, - { - "name" : "MS10-001", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-001" - }, - { - "name" : "TA10-012B", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA10-012B.html" - }, - { - "name" : "37671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/37671" - }, - { - "name" : "61651", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/61651" - }, - { - "name" : "oval:org.mitre.oval:def:8324", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8324" - }, - { - "name" : "1023432", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1023432" - }, - { - "name" : "35457", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35457" - }, - { - "name" : "ADV-2010-0095", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/0095" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the Embedded OpenType (EOT) Font Engine (t2embed.dll) in Microsoft Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code via compressed data that represents a crafted EOT font, aka \"Microtype Express Compressed Fonts Integer Flaw in the LZCOMP Decompressor Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS10-001", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-001" + }, + { + "name": "http://blogs.technet.com/srd/archive/2010/01/12/ms10-001-font-file-decompression-vulnerability.aspx", + "refsource": "MISC", + "url": "http://blogs.technet.com/srd/archive/2010/01/12/ms10-001-font-file-decompression-vulnerability.aspx" + }, + { + "name": "1023432", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1023432" + }, + { + "name": "35457", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35457" + }, + { + "name": "oval:org.mitre.oval:def:8324", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8324" + }, + { + "name": "TA10-012B", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA10-012B.html" + }, + { + "name": "ADV-2010-0095", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/0095" + }, + { + "name": "37671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/37671" + }, + { + "name": "61651", + "refsource": "OSVDB", + "url": "http://osvdb.org/61651" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0842.json b/2010/0xxx/CVE-2010-0842.json index 096f0ce32d4..608a63752a1 100644 --- a/2010/0xxx/CVE-2010-0842.json +++ b/2010/0xxx/CVE-2010-0842.json @@ -1,232 +1,232 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0842", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an uncontrolled array index that allows remote attackers to execute arbitrary code via a MIDI file with a crafted MixerSequencer object, related to the GM_Song structure." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2010-0842", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20100405 ZDI-10-060: Sun Java Runtime Environment MixerSequencer Invalid Array Index Remote Code Execution Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/510532/100/0/threaded" - }, - { - "name" : "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/516397/100/0/threaded" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-10-060", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-10-060" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html" - }, - { - "name" : "http://support.apple.com/kb/HT4170", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4170" - }, - { - "name" : "http://support.apple.com/kb/HT4171", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4171" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" - }, - { - "name" : "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html" - }, - { - "name" : "APPLE-SA-2010-05-18-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html" - }, - { - "name" : "APPLE-SA-2010-05-18-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html" - }, - { - "name" : "HPSBMA02547", - "refsource" : "HP", - "url" : "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751" - }, - { - "name" : "SSRT100179", - "refsource" : "HP", - "url" : "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751" - }, - { - "name" : "HPSBMU02799", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=134254866602253&w=2" - }, - { - "name" : "HPSBUX02524", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=127557596201693&w=2" - }, - { - "name" : "SSRT100089", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=127557596201693&w=2" - }, - { - "name" : "RHSA-2010:0337", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0337.html" - }, - { - "name" : "RHSA-2010:0338", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0338.html" - }, - { - "name" : "RHSA-2010:0383", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0383.html" - }, - { - "name" : "RHSA-2010:0471", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0471.html" - }, - { - "name" : "RHSA-2010:0489", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0489.html" - }, - { - "name" : "SUSE-SR:2010:008", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html" - }, - { - "name" : "SUSE-SR:2010:017", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html" - }, - { - "name" : "39077", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/39077" - }, - { - "name" : "oval:org.mitre.oval:def:14101", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14101" - }, - { - "name" : "39317", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39317" - }, - { - "name" : "39659", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39659" - }, - { - "name" : "39819", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39819" - }, - { - "name" : "40211", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40211" - }, - { - "name" : "40545", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40545" - }, - { - "name" : "43308", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43308" - }, - { - "name" : "ADV-2010-1191", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1191" - }, - { - "name" : "ADV-2010-1454", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1454" - }, - { - "name" : "ADV-2010-1523", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1523" - }, - { - "name" : "ADV-2010-1793", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1793" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an uncontrolled array index that allows remote attackers to execute arbitrary code via a MIDI file with a crafted MixerSequencer object, related to the GM_Song structure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2010-05-18-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html" + }, + { + "name": "oval:org.mitre.oval:def:14101", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14101" + }, + { + "name": "HPSBMU02799", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2" + }, + { + "name": "39317", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39317" + }, + { + "name": "RHSA-2010:0383", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0383.html" + }, + { + "name": "40545", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40545" + }, + { + "name": "20100405 ZDI-10-060: Sun Java Runtime Environment MixerSequencer Invalid Array Index Remote Code Execution Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/510532/100/0/threaded" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-060", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-060" + }, + { + "name": "ADV-2010-1454", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1454" + }, + { + "name": "39819", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39819" + }, + { + "name": "RHSA-2010:0338", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0338.html" + }, + { + "name": "ADV-2010-1793", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1793" + }, + { + "name": "APPLE-SA-2010-05-18-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html" + }, + { + "name": "43308", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43308" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" + }, + { + "name": "SSRT100179", + "refsource": "HP", + "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751" + }, + { + "name": "SSRT100089", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=127557596201693&w=2" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html" + }, + { + "name": "HPSBUX02524", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=127557596201693&w=2" + }, + { + "name": "39077", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/39077" + }, + { + "name": "http://support.apple.com/kb/HT4170", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4170" + }, + { + "name": "ADV-2010-1523", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1523" + }, + { + "name": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html" + }, + { + "name": "SUSE-SR:2010:008", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html" + }, + { + "name": "39659", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39659" + }, + { + "name": "RHSA-2010:0471", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0471.html" + }, + { + "name": "SUSE-SR:2010:017", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" + }, + { + "name": "RHSA-2010:0337", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0337.html" + }, + { + "name": "RHSA-2010:0489", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0489.html" + }, + { + "name": "HPSBMA02547", + "refsource": "HP", + "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751" + }, + { + "name": "40211", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40211" + }, + { + "name": "http://support.apple.com/kb/HT4171", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4171" + }, + { + "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded" + }, + { + "name": "ADV-2010-1191", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1191" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1558.json b/2010/1xxx/CVE-2010-1558.json index 5d7e60bbe8a..49b035ef2ed 100644 --- a/2010/1xxx/CVE-2010-1558.json +++ b/2010/1xxx/CVE-2010-1558.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1558", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in HP Multifunction Peripheral (MFP) Digital Sending Software before 4.18.3 allows local users to bypass intended restrictions on the MFP \"Send to e-mail\" feature, and obtain sensitive information, via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "hp-security-alert@hp.com", + "ID": "CVE-2010-1558", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBPI02532", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=127376308013422&w=2" - }, - { - "name" : "SSRT100111", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=127376308013422&w=2" - }, - { - "name" : "40147", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/40147" - }, - { - "name" : "64661", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/64661" - }, - { - "name" : "hp-mfp-sendtoemail-unauth-access(58618)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58618" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in HP Multifunction Peripheral (MFP) Digital Sending Software before 4.18.3 allows local users to bypass intended restrictions on the MFP \"Send to e-mail\" feature, and obtain sensitive information, via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "hp-mfp-sendtoemail-unauth-access(58618)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58618" + }, + { + "name": "SSRT100111", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=127376308013422&w=2" + }, + { + "name": "64661", + "refsource": "OSVDB", + "url": "http://osvdb.org/64661" + }, + { + "name": "40147", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/40147" + }, + { + "name": "HPSBPI02532", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=127376308013422&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1679.json b/2010/1xxx/CVE-2010-1679.json index 252b9ca914e..be3ec166bba 100644 --- a/2010/1xxx/CVE-2010-1679.json +++ b/2010/1xxx/CVE-2010-1679.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1679", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via directory traversal sequences in a patch for a source-format 3.0 package." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1679", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "DSA-2142", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2011/dsa-2142" - }, - { - "name" : "FEDORA-2011-0345", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053311.html" - }, - { - "name" : "FEDORA-2011-0362", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053306.html" - }, - { - "name" : "USN-1038-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1038-1" - }, - { - "name" : "45703", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/45703" - }, - { - "name" : "70368", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/70368" - }, - { - "name" : "42826", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42826" - }, - { - "name" : "42831", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42831" - }, - { - "name" : "43054", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43054" - }, - { - "name" : "ADV-2011-0040", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0040" - }, - { - "name" : "ADV-2011-0044", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0044" - }, - { - "name" : "ADV-2011-0196", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0196" - }, - { - "name" : "dpkg-dpkgsource-directory-traversal(64615)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64615" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via directory traversal sequences in a patch for a source-format 3.0 package." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "42831", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42831" + }, + { + "name": "FEDORA-2011-0345", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053311.html" + }, + { + "name": "42826", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42826" + }, + { + "name": "FEDORA-2011-0362", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053306.html" + }, + { + "name": "dpkg-dpkgsource-directory-traversal(64615)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64615" + }, + { + "name": "USN-1038-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1038-1" + }, + { + "name": "ADV-2011-0040", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0040" + }, + { + "name": "45703", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/45703" + }, + { + "name": "DSA-2142", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2011/dsa-2142" + }, + { + "name": "70368", + "refsource": "OSVDB", + "url": "http://osvdb.org/70368" + }, + { + "name": "43054", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43054" + }, + { + "name": "ADV-2011-0044", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0044" + }, + { + "name": "ADV-2011-0196", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0196" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1916.json b/2010/1xxx/CVE-2010-1916.json index 55a38b6a93b..b9556ad19bb 100644 --- a/2010/1xxx/CVE-2010-1916.json +++ b/2010/1xxx/CVE-2010-1916.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1916", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The dynamic configuration feature in Xinha WYSIWYG editor 0.96 Beta 2 and earlier, as used in Serendipity 1.5.2 and earlier, allows remote attackers to bypass intended access restrictions and modify the configuration of arbitrary plugins via (1) crafted backend_config_secret_key_location and backend_config_hash parameters that are used in a SHA1 hash of a shared secret that can be known or externally influenced, which are not properly handled by the \"Deprecated config passing\" feature; or (2) crafted backend_data and backend_data[key_location] variables, which are not properly handled by the xinha_read_passed_data function. NOTE: this can be leveraged to upload and possibly execute arbitrary files via config.inc.php in the ImageManager plugin." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1916", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.php-security.org/2010/05/10/mops-2010-019-serendipity-wysiwyg-editor-plugin-configuration-injection-vulnerability/index.html", - "refsource" : "MISC", - "url" : "http://www.php-security.org/2010/05/10/mops-2010-019-serendipity-wysiwyg-editor-plugin-configuration-injection-vulnerability/index.html" - }, - { - "name" : "http://www.php-security.org/2010/05/10/mops-2010-020-xinha-wysiwyg-plugin-configuration-injection-vulnerability/index.html", - "refsource" : "MISC", - "url" : "http://www.php-security.org/2010/05/10/mops-2010-020-xinha-wysiwyg-plugin-configuration-injection-vulnerability/index.html" - }, - { - "name" : "http://trac.xinha.org/ticket/1518", - "refsource" : "CONFIRM", - "url" : "http://trac.xinha.org/ticket/1518" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=591701", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=591701" - }, - { - "name" : "FEDORA-2010-9320", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042577.html" - }, - { - "name" : "40033", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/40033" - }, - { - "name" : "39782", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39782" - }, - { - "name" : "40124", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40124" - }, - { - "name" : "ADV-2010-1401", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1401" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The dynamic configuration feature in Xinha WYSIWYG editor 0.96 Beta 2 and earlier, as used in Serendipity 1.5.2 and earlier, allows remote attackers to bypass intended access restrictions and modify the configuration of arbitrary plugins via (1) crafted backend_config_secret_key_location and backend_config_hash parameters that are used in a SHA1 hash of a shared secret that can be known or externally influenced, which are not properly handled by the \"Deprecated config passing\" feature; or (2) crafted backend_data and backend_data[key_location] variables, which are not properly handled by the xinha_read_passed_data function. NOTE: this can be leveraged to upload and possibly execute arbitrary files via config.inc.php in the ImageManager plugin." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=591701", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=591701" + }, + { + "name": "ADV-2010-1401", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1401" + }, + { + "name": "http://www.php-security.org/2010/05/10/mops-2010-020-xinha-wysiwyg-plugin-configuration-injection-vulnerability/index.html", + "refsource": "MISC", + "url": "http://www.php-security.org/2010/05/10/mops-2010-020-xinha-wysiwyg-plugin-configuration-injection-vulnerability/index.html" + }, + { + "name": "40124", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40124" + }, + { + "name": "39782", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39782" + }, + { + "name": "40033", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/40033" + }, + { + "name": "http://trac.xinha.org/ticket/1518", + "refsource": "CONFIRM", + "url": "http://trac.xinha.org/ticket/1518" + }, + { + "name": "FEDORA-2010-9320", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042577.html" + }, + { + "name": "http://www.php-security.org/2010/05/10/mops-2010-019-serendipity-wysiwyg-editor-plugin-configuration-injection-vulnerability/index.html", + "refsource": "MISC", + "url": "http://www.php-security.org/2010/05/10/mops-2010-019-serendipity-wysiwyg-editor-plugin-configuration-injection-vulnerability/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1952.json b/2010/1xxx/CVE-2010-1952.json index f35aa649c99..406eaa31968 100644 --- a/2010/1xxx/CVE-2010-1952.json +++ b/2010/1xxx/CVE-2010-1952.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1952", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in the BeeHeard (com_beeheard) and BeeHeard Lite (com_beeheardlite) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1952", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "12239", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/12239" - }, - { - "name" : "http://packetstormsecurity.org/1004-exploits/joomlabeeheardlite-lfi.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/1004-exploits/joomlabeeheardlite-lfi.txt" - }, - { - "name" : "39506", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/39506" - }, - { - "name" : "39475", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39475" - }, - { - "name" : "combeeheard-index-file-inlclude(57845)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/57845" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in the BeeHeard (com_beeheard) and BeeHeard Lite (com_beeheardlite) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.org/1004-exploits/joomlabeeheardlite-lfi.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/1004-exploits/joomlabeeheardlite-lfi.txt" + }, + { + "name": "39506", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/39506" + }, + { + "name": "12239", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/12239" + }, + { + "name": "combeeheard-index-file-inlclude(57845)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57845" + }, + { + "name": "39475", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39475" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4197.json b/2010/4xxx/CVE-2010-4197.json index 75697157f02..e8117bd8cad 100644 --- a/2010/4xxx/CVE-2010-4197.json +++ b/2010/4xxx/CVE-2010-4197.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4197", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text editing." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4197", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://trac.webkit.org/changeset/70594", - "refsource" : "MISC", - "url" : "http://trac.webkit.org/changeset/70594" - }, - { - "name" : "https://bugs.webkit.org/show_bug.cgi?id=48349", - "refsource" : "MISC", - "url" : "https://bugs.webkit.org/show_bug.cgi?id=48349" - }, - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=51602", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=51602" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=656115", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=656115" - }, - { - "name" : "FEDORA-2011-0121", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html" - }, - { - "name" : "MDVSA-2011:039", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" - }, - { - "name" : "RHSA-2011:0177", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0177.html" - }, - { - "name" : "45720", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/45720" - }, - { - "name" : "oval:org.mitre.oval:def:12266", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12266" - }, - { - "name" : "42109", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42109" - }, - { - "name" : "43086", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43086" - }, - { - "name" : "ADV-2011-0216", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0216" - }, - { - "name" : "ADV-2011-0552", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0552" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text editing." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDVSA-2011:039", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" + }, + { + "name": "FEDORA-2011-0121", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html" + }, + { + "name": "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html" + }, + { + "name": "http://trac.webkit.org/changeset/70594", + "refsource": "MISC", + "url": "http://trac.webkit.org/changeset/70594" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=51602", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=51602" + }, + { + "name": "ADV-2011-0216", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0216" + }, + { + "name": "42109", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42109" + }, + { + "name": "43086", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43086" + }, + { + "name": "45720", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/45720" + }, + { + "name": "RHSA-2011:0177", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0177.html" + }, + { + "name": "https://bugs.webkit.org/show_bug.cgi?id=48349", + "refsource": "MISC", + "url": "https://bugs.webkit.org/show_bug.cgi?id=48349" + }, + { + "name": "ADV-2011-0552", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0552" + }, + { + "name": "oval:org.mitre.oval:def:12266", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12266" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=656115", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=656115" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4315.json b/2010/4xxx/CVE-2010-4315.json index b715929dd16..a25fb122d0f 100644 --- a/2010/4xxx/CVE-2010-4315.json +++ b/2010/4xxx/CVE-2010-4315.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4315", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4315", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4326.json b/2010/4xxx/CVE-2010-4326.json index d614946910c..9c828b759b9 100644 --- a/2010/4xxx/CVE-2010-4326.json +++ b/2010/4xxx/CVE-2010-4326.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4326", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via variables in a VCALENDAR message, as demonstrated by a long (1) REQUEST-STATUS, (2) TZNAME, (3) COMMENT, or (4) RRULE variable in this message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4326", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-11-025/", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-11-025/" - }, - { - "name" : "http://zerodayinitiative.com/advisories/ZDI-10-239/", - "refsource" : "MISC", - "url" : "http://zerodayinitiative.com/advisories/ZDI-10-239/" - }, - { - "name" : "http://zerodayinitiative.com/advisories/ZDI-10-240/", - "refsource" : "MISC", - "url" : "http://zerodayinitiative.com/advisories/ZDI-10-240/" - }, - { - "name" : "http://zerodayinitiative.com/advisories/ZDI-10-243/", - "refsource" : "MISC", - "url" : "http://zerodayinitiative.com/advisories/ZDI-10-243/" - }, - { - "name" : "http://www.facebook.com/note.php?note_id=477865030928", - "refsource" : "CONFIRM", - "url" : "http://www.facebook.com/note.php?note_id=477865030928" - }, - { - "name" : "http://www.novell.com/support/viewContent.do?externalId=7007155&sliceId=1", - "refsource" : "CONFIRM", - "url" : "http://www.novell.com/support/viewContent.do?externalId=7007155&sliceId=1" - }, - { - "name" : "https://bugzilla.novell.com/show_bug.cgi?id=642339", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.novell.com/show_bug.cgi?id=642339" - }, - { - "name" : "https://bugzilla.novell.com/show_bug.cgi?id=642340", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.novell.com/show_bug.cgi?id=642340" - }, - { - "name" : "https://bugzilla.novell.com/show_bug.cgi?id=642345", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.novell.com/show_bug.cgi?id=642345" - }, - { - "name" : "https://bugzilla.novell.com/show_bug.cgi?id=642349", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.novell.com/show_bug.cgi?id=642349" - }, - { - "name" : "45994", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/45994" - }, - { - "name" : "ADV-2011-0219", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0219" - }, - { - "name" : "groupwise-requeststatus-bo(64929)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64929" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via variables in a VCALENDAR message, as demonstrated by a long (1) REQUEST-STATUS, (2) TZNAME, (3) COMMENT, or (4) RRULE variable in this message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.novell.com/show_bug.cgi?id=642340", + "refsource": "CONFIRM", + "url": "https://bugzilla.novell.com/show_bug.cgi?id=642340" + }, + { + "name": "45994", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/45994" + }, + { + "name": "groupwise-requeststatus-bo(64929)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64929" + }, + { + "name": "https://bugzilla.novell.com/show_bug.cgi?id=642339", + "refsource": "CONFIRM", + "url": "https://bugzilla.novell.com/show_bug.cgi?id=642339" + }, + { + "name": "https://bugzilla.novell.com/show_bug.cgi?id=642349", + "refsource": "CONFIRM", + "url": "https://bugzilla.novell.com/show_bug.cgi?id=642349" + }, + { + "name": "https://bugzilla.novell.com/show_bug.cgi?id=642345", + "refsource": "CONFIRM", + "url": "https://bugzilla.novell.com/show_bug.cgi?id=642345" + }, + { + "name": "http://www.facebook.com/note.php?note_id=477865030928", + "refsource": "CONFIRM", + "url": "http://www.facebook.com/note.php?note_id=477865030928" + }, + { + "name": "http://zerodayinitiative.com/advisories/ZDI-10-239/", + "refsource": "MISC", + "url": "http://zerodayinitiative.com/advisories/ZDI-10-239/" + }, + { + "name": "http://www.novell.com/support/viewContent.do?externalId=7007155&sliceId=1", + "refsource": "CONFIRM", + "url": "http://www.novell.com/support/viewContent.do?externalId=7007155&sliceId=1" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-11-025/", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-025/" + }, + { + "name": "ADV-2011-0219", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0219" + }, + { + "name": "http://zerodayinitiative.com/advisories/ZDI-10-240/", + "refsource": "MISC", + "url": "http://zerodayinitiative.com/advisories/ZDI-10-240/" + }, + { + "name": "http://zerodayinitiative.com/advisories/ZDI-10-243/", + "refsource": "MISC", + "url": "http://zerodayinitiative.com/advisories/ZDI-10-243/" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4450.json b/2010/4xxx/CVE-2010-4450.json index 0ca5e83dd78..a7307479863 100644 --- a/2010/4xxx/CVE-2010-4450.json +++ b/2010/4xxx/CVE-2010-4450.json @@ -1,152 +1,152 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4450", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.2_29 and earlier for Solaris and Linux allows local standalone applications to affect confidentiality, integrity, and availability via unknown vectors related to Launcher. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is an untrusted search path vulnerability involving an empty LD_LIBRARY_PATH environment variable." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2010-4450", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html" - }, - { - "name" : "http://dbhole.wordpress.com/2011/02/15/icedtea-web-1-0-1-released/", - "refsource" : "CONFIRM", - "url" : "http://dbhole.wordpress.com/2011/02/15/icedtea-web-1-0-1-released/" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html" - }, - { - "name" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html", - "refsource" : "CONFIRM", - "url" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html" - }, - { - "name" : "DSA-2224", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2011/dsa-2224" - }, - { - "name" : "FEDORA-2011-1631", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html" - }, - { - "name" : "FEDORA-2011-1645", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054134.html" - }, - { - "name" : "GLSA-201406-32", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" - }, - { - "name" : "HPSBMU02797", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=134254957702612&w=2" - }, - { - "name" : "SSRT100867", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=134254957702612&w=2" - }, - { - "name" : "HPSBMU02799", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=134254866602253&w=2" - }, - { - "name" : "MDVSA-2011:054", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054" - }, - { - "name" : "RHSA-2011:0281", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0281.html" - }, - { - "name" : "RHSA-2011:0282", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0282.html" - }, - { - "name" : "46397", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/46397" - }, - { - "name" : "oval:org.mitre.oval:def:12420", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12420" - }, - { - "name" : "oval:org.mitre.oval:def:14135", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14135" - }, - { - "name" : "43350", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43350" - }, - { - "name" : "oracle-java-launcher-code-exec(65406)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65406" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.2_29 and earlier for Solaris and Linux allows local standalone applications to affect confidentiality, integrity, and availability via unknown vectors related to Launcher. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is an untrusted search path vulnerability involving an empty LD_LIBRARY_PATH environment variable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html", + "refsource": "CONFIRM", + "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html" + }, + { + "name": "FEDORA-2011-1631", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html" + }, + { + "name": "GLSA-201406-32", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml" + }, + { + "name": "HPSBMU02799", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2" + }, + { + "name": "FEDORA-2011-1645", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054134.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html" + }, + { + "name": "http://dbhole.wordpress.com/2011/02/15/icedtea-web-1-0-1-released/", + "refsource": "CONFIRM", + "url": "http://dbhole.wordpress.com/2011/02/15/icedtea-web-1-0-1-released/" + }, + { + "name": "oval:org.mitre.oval:def:14135", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14135" + }, + { + "name": "46397", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/46397" + }, + { + "name": "43350", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43350" + }, + { + "name": "RHSA-2011:0282", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0282.html" + }, + { + "name": "DSA-2224", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2011/dsa-2224" + }, + { + "name": "SSRT100867", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2" + }, + { + "name": "RHSA-2011:0281", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0281.html" + }, + { + "name": "oracle-java-launcher-code-exec(65406)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65406" + }, + { + "name": "oval:org.mitre.oval:def:12420", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12420" + }, + { + "name": "MDVSA-2011:054", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054" + }, + { + "name": "HPSBMU02797", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5053.json b/2010/5xxx/CVE-2010-5053.json index 1776d6a010a..49e8a2a91fa 100644 --- a/2010/5xxx/CVE-2010-5053.json +++ b/2010/5xxx/CVE-2010-5053.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5053", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the XOBBIX (com_xobbix) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a prod_desc action to index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-5053", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/1004-exploits/joomlaxobbix-sql.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/1004-exploits/joomlaxobbix-sql.txt" - }, - { - "name" : "http://www.exploit-db.com/exploits/12097", - "refsource" : "MISC", - "url" : "http://www.exploit-db.com/exploits/12097" - }, - { - "name" : "39259", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/39259" - }, - { - "name" : "39312", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39312" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the XOBBIX (com_xobbix) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a prod_desc action to index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39312", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39312" + }, + { + "name": "http://www.exploit-db.com/exploits/12097", + "refsource": "MISC", + "url": "http://www.exploit-db.com/exploits/12097" + }, + { + "name": "http://packetstormsecurity.org/1004-exploits/joomlaxobbix-sql.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/1004-exploits/joomlaxobbix-sql.txt" + }, + { + "name": "39259", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/39259" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0425.json b/2014/0xxx/CVE-2014-0425.json index 58c861d7a5d..fc750971023 100644 --- a/2014/0xxx/CVE-2014-0425.json +++ b/2014/0xxx/CVE-2014-0425.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0425", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the PeopleSoft Enterprise SCM Services Procurement component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Security." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-0425", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" - }, - { - "name" : "64758", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/64758" - }, - { - "name" : "64889", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/64889" - }, - { - "name" : "102044", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/102044" - }, - { - "name" : "1029623", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029623" - }, - { - "name" : "56479", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56479" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the PeopleSoft Enterprise SCM Services Procurement component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Security." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "64889", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/64889" + }, + { + "name": "102044", + "refsource": "OSVDB", + "url": "http://osvdb.org/102044" + }, + { + "name": "56479", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56479" + }, + { + "name": "1029623", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029623" + }, + { + "name": "64758", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/64758" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0453.json b/2014/0xxx/CVE-2014-0453.json index c3325d07593..461545f1bb7 100644 --- a/2014/0xxx/CVE-2014-0453.json +++ b/2014/0xxx/CVE-2014-0453.json @@ -1,377 +1,377 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0453", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-0453", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21675343", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21675343" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21675588", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21675588" - }, - { - "name" : "https://www.ibm.com/support/docview.wss?uid=swg21674530", - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/docview.wss?uid=swg21674530" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21672080", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21672080" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21673836", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21673836" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676703", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676703" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21674539", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21674539" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21675945", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21675945" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21678113", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21678113" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21679713", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21679713" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681018", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681018" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681047", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681047" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681256", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681256" - }, - { - "name" : "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132", - "refsource" : "CONFIRM", - "url" : "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21677387", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21677387" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680387", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680387" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21683484", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21683484" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21679610", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21679610" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680750", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680750" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676373", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676373" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676672", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676672" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676190", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676190" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21677294", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21677294" - }, - { - "name" : "DSA-2912", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-2912" - }, - { - "name" : "GLSA-201406-32", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" - }, - { - "name" : "GLSA-201502-12", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201502-12.xml" - }, - { - "name" : "HPSBUX03091", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140852886808946&w=2" - }, - { - "name" : "HPSBUX03092", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140852974709252&w=2" - }, - { - "name" : "SSRT101667", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140852886808946&w=2" - }, - { - "name" : "SSRT101668", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140852974709252&w=2" - }, - { - "name" : "RHSA-2014:0675", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0675.html" - }, - { - "name" : "RHSA-2014:0685", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0685.html" - }, - { - "name" : "RHSA-2014:0413", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2014:0413" - }, - { - "name" : "RHSA-2014:0414", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2014:0414" - }, - { - "name" : "USN-2191-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2191-1" - }, - { - "name" : "USN-2187-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2187-1" - }, - { - "name" : "66914", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/66914" - }, - { - "name" : "58415", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/58415" - }, - { - "name" : "59071", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59071" - }, - { - "name" : "59082", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59082" - }, - { - "name" : "59104", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59104" - }, - { - "name" : "59250", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59250" - }, - { - "name" : "59255", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59255" - }, - { - "name" : "59022", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59022" - }, - { - "name" : "59438", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59438" - }, - { - "name" : "59023", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59023" - }, - { - "name" : "59722", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59722" - }, - { - "name" : "59733", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59733" - }, - { - "name" : "59675", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59675" - }, - { - "name" : "59653", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59653" - }, - { - "name" : "60003", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60003" - }, - { - "name" : "60111", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60111" - }, - { - "name" : "60117", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60117" - }, - { - "name" : "60498", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60498" - }, - { - "name" : "61050", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61050" - }, - { - "name" : "61264", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61264" - }, - { - "name" : "60574", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60574" - }, - { - "name" : "60580", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60580" - }, - { - "name" : "59194", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59194" - }, - { - "name" : "59436", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59436" - }, - { - "name" : "59307", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59307" - }, - { - "name" : "59324", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59324" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676373", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676373" + }, + { + "name": "59022", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59022" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680750", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680750" + }, + { + "name": "USN-2187-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2187-1" + }, + { + "name": "RHSA-2014:0675", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html" + }, + { + "name": "RHSA-2014:0414", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2014:0414" + }, + { + "name": "GLSA-201406-32", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml" + }, + { + "name": "59324", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59324" + }, + { + "name": "USN-2191-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2191-1" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21679610", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679610" + }, + { + "name": "59733", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59733" + }, + { + "name": "61050", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61050" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698" + }, + { + "name": "HPSBUX03091", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681047", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681047" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21675945", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675945" + }, + { + "name": "RHSA-2014:0413", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2014:0413" + }, + { + "name": "SSRT101667", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2" + }, + { + "name": "HPSBUX03092", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140852974709252&w=2" + }, + { + "name": "61264", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61264" + }, + { + "name": "59194", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59194" + }, + { + "name": "60498", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60498" + }, + { + "name": "RHSA-2014:0685", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html" + }, + { + "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132", + "refsource": "CONFIRM", + "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21678113", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678113" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677294", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677294" + }, + { + "name": "59436", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59436" + }, + { + "name": "59653", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59653" + }, + { + "name": "59071", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59071" + }, + { + "name": "DSA-2912", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-2912" + }, + { + "name": "66914", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/66914" + }, + { + "name": "60117", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60117" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680387", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680387" + }, + { + "name": "60574", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60574" + }, + { + "name": "59722", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59722" + }, + { + "name": "58415", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/58415" + }, + { + "name": "59104", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59104" + }, + { + "name": "59675", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59675" + }, + { + "name": "SSRT101668", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140852974709252&w=2" + }, + { + "name": "59438", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59438" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836" + }, + { + "name": "https://www.ibm.com/support/docview.wss?uid=swg21674530", + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/docview.wss?uid=swg21674530" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21677387", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21677387" + }, + { + "name": "59023", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59023" + }, + { + "name": "59307", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59307" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21675343", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21675343" + }, + { + "name": "59082", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59082" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676703", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676703" + }, + { + "name": "59250", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59250" + }, + { + "name": "60580", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60580" + }, + { + "name": "GLSA-201502-12", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201502-12.xml" + }, + { + "name": "59255", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59255" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681018", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681018" + }, + { + "name": "60111", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60111" + }, + { + "name": "60003", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60003" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676190", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676190" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21675588", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21675588" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0674.json b/2014/0xxx/CVE-2014-0674.json index 15b68791a3b..5ab169971ba 100644 --- a/2014/0xxx/CVE-2014-0674.json +++ b/2014/0xxx/CVE-2014-0674.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0674", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco Video Surveillance Operations Manager (VSOM) does not require authentication for MySQL database connections, which allows remote attackers to obtain sensitive information, modify data, or cause a denial of service by leveraging network connectivity from a client system with a crafted host name, aka Bug ID CSCud10992." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2014-0674", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140123 Cisco Video Surveillance Operations Manager MySQL Database Insufficient Authentication Controls", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0674" - }, - { - "name" : "USN-2739-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2739-1" - }, - { - "name" : "65111", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/65111" - }, - { - "name" : "102409", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/102409" - }, - { - "name" : "1029692", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029692" - }, - { - "name" : "56619", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56619" - }, - { - "name" : "cisco-vsom-cve20140674-unauth-access(90651)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90651" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco Video Surveillance Operations Manager (VSOM) does not require authentication for MySQL database connections, which allows remote attackers to obtain sensitive information, modify data, or cause a denial of service by leveraging network connectivity from a client system with a crafted host name, aka Bug ID CSCud10992." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "cisco-vsom-cve20140674-unauth-access(90651)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90651" + }, + { + "name": "20140123 Cisco Video Surveillance Operations Manager MySQL Database Insufficient Authentication Controls", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0674" + }, + { + "name": "102409", + "refsource": "OSVDB", + "url": "http://osvdb.org/102409" + }, + { + "name": "65111", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/65111" + }, + { + "name": "USN-2739-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2739-1" + }, + { + "name": "1029692", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029692" + }, + { + "name": "56619", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56619" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0684.json b/2014/0xxx/CVE-2014-0684.json index f0e2ce9f76c..099705a1cf0 100644 --- a/2014/0xxx/CVE-2014-0684.json +++ b/2014/0xxx/CVE-2014-0684.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0684", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco NX-OS 6.2(2) on Nexus 7000 switches allows local users to cause a denial of service via crafted sed input, aka Bug ID CSCui56136." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2014-0684", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=34131", - "refsource" : "CONFIRM", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=34131" - }, - { - "name" : "20140505 Cisco Nexus 7000 Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0684" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco NX-OS 6.2(2) on Nexus 7000 switches allows local users to cause a denial of service via crafted sed input, aka Bug ID CSCui56136." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=34131", + "refsource": "CONFIRM", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=34131" + }, + { + "name": "20140505 Cisco Nexus 7000 Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0684" + } + ] + } +} \ No newline at end of file diff --git a/2014/10xxx/CVE-2014-10048.json b/2014/10xxx/CVE-2014-10048.json index 4d8cda1d19d..05b0ce04bf3 100644 --- a/2014/10xxx/CVE-2014-10048.json +++ b/2014/10xxx/CVE-2014-10048.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2014-10048", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SDX20" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, while setting the offsets, time-services allows the user to set bases greater than valid base value which will lead to array index out-of-bound." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Improper validation of Array Index in Services." - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2014-10048", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SDX20" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, while setting the offsets, time-services allows the user to set bases greater than valid base value which will lead to array index out-of-bound." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper validation of Array Index in Services." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1232.json b/2014/1xxx/CVE-2014-1232.json index 88b466f1012..5065760c2b1 100644 --- a/2014/1xxx/CVE-2014-1232.json +++ b/2014/1xxx/CVE-2014-1232.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1232", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Foliopress WYSIWYG plugin before 2.6.8.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1232", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://wordpress.org/plugins/foliopress-wysiwyg/changelog", - "refsource" : "CONFIRM", - "url" : "http://wordpress.org/plugins/foliopress-wysiwyg/changelog" - }, - { - "name" : "64666", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/64666" - }, - { - "name" : "56261", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56261" - }, - { - "name" : "foliopress-unspecified-xss(90102)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90102" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Foliopress WYSIWYG plugin before 2.6.8.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "64666", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/64666" + }, + { + "name": "foliopress-unspecified-xss(90102)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90102" + }, + { + "name": "56261", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56261" + }, + { + "name": "http://wordpress.org/plugins/foliopress-wysiwyg/changelog", + "refsource": "CONFIRM", + "url": "http://wordpress.org/plugins/foliopress-wysiwyg/changelog" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1371.json b/2014/1xxx/CVE-2014-1371.json index 562db7523bf..2f836b70a77 100644 --- a/2014/1xxx/CVE-2014-1371.json +++ b/2014/1xxx/CVE-2014-1371.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1371", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Array index error in Dock in Apple OS X before 10.9.4 allows attackers to execute arbitrary code or cause a denial of service (incorrect function-pointer dereference and application crash) by leveraging access to a sandboxed application for sending a message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2014-1371", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT6296", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT6296" - }, - { - "name" : "APPLE-SA-2014-06-30-2", - "refsource" : "APPLE", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html" - }, - { - "name" : "1030505", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030505" - }, - { - "name" : "59475", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59475" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Array index error in Dock in Apple OS X before 10.9.4 allows attackers to execute arbitrary code or cause a denial of service (incorrect function-pointer dereference and application crash) by leveraging access to a sandboxed application for sending a message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.apple.com/kb/HT6296", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT6296" + }, + { + "name": "1030505", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030505" + }, + { + "name": "APPLE-SA-2014-06-30-2", + "refsource": "APPLE", + "url": "http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html" + }, + { + "name": "59475", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59475" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4835.json b/2014/4xxx/CVE-2014-4835.json index 4ab238b6339..ec063aff03f 100644 --- a/2014/4xxx/CVE-2014-4835.json +++ b/2014/4xxx/CVE-2014-4835.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4835", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM ServerGuide before 9.63, UpdateXpress System Packs Installer (UXSPI) before 9.63, and ToolsCenter Suite before 9.63 place credentials in logs, which allows local users to obtain sensitive information by reading a file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2014-4835", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096777", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096777" - }, - { - "name" : "ibm-serverguide-cve20144835-sec-bypass(95629)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95629" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM ServerGuide before 9.63, UpdateXpress System Packs Installer (UXSPI) before 9.63, and ToolsCenter Suite before 9.63 place credentials in logs, which allows local users to obtain sensitive information by reading a file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096777", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096777" + }, + { + "name": "ibm-serverguide-cve20144835-sec-bypass(95629)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95629" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4932.json b/2014/4xxx/CVE-2014-4932.json index ddcaccc6f8d..f86a6d53d2d 100644 --- a/2014/4xxx/CVE-2014-4932.json +++ b/2014/4xxx/CVE-2014-4932.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4932", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Wordfence Security plugin before 5.1.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the val parameter to whois.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-4932", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://techdefencelabs.com/security-advisories.html", - "refsource" : "MISC", - "url" : "http://techdefencelabs.com/security-advisories.html" - }, - { - "name" : "https://www.wordfence.com/help/advanced/changelog/", - "refsource" : "CONFIRM", - "url" : "https://www.wordfence.com/help/advanced/changelog/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Wordfence Security plugin before 5.1.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the val parameter to whois.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.wordfence.com/help/advanced/changelog/", + "refsource": "CONFIRM", + "url": "https://www.wordfence.com/help/advanced/changelog/" + }, + { + "name": "http://techdefencelabs.com/security-advisories.html", + "refsource": "MISC", + "url": "http://techdefencelabs.com/security-advisories.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9749.json b/2014/9xxx/CVE-2014-9749.json index 1e7c18a5a3d..e3463df9c20 100644 --- a/2014/9xxx/CVE-2014-9749.json +++ b/2014/9xxx/CVE-2014-9749.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9749", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka \"Nonce replay vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9749", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20151001 CVE Request: squid: Nonce replay vulnerability in Digest authentication", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/10/01/1" - }, - { - "name" : "[oss-security] 20151011 Re: CVE Request: squid: Nonce replay vulnerability in Digest authentication", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/10/11/4" - }, - { - "name" : "[oss-security] 20151012 Re: Re: CVE Request: squid: Nonce replay vulnerability in Digest authentication", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/10/12/2" - }, - { - "name" : "http://bugs.squid-cache.org/show_bug.cgi?id=4066", - "refsource" : "CONFIRM", - "url" : "http://bugs.squid-cache.org/show_bug.cgi?id=4066" - }, - { - "name" : "openSUSE-SU-2015:1835", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-10/msg00052.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka \"Nonce replay vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20151001 CVE Request: squid: Nonce replay vulnerability in Digest authentication", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/10/01/1" + }, + { + "name": "http://bugs.squid-cache.org/show_bug.cgi?id=4066", + "refsource": "CONFIRM", + "url": "http://bugs.squid-cache.org/show_bug.cgi?id=4066" + }, + { + "name": "[oss-security] 20151011 Re: CVE Request: squid: Nonce replay vulnerability in Digest authentication", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/10/11/4" + }, + { + "name": "openSUSE-SU-2015:1835", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00052.html" + }, + { + "name": "[oss-security] 20151012 Re: Re: CVE Request: squid: Nonce replay vulnerability in Digest authentication", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/10/12/2" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9823.json b/2014/9xxx/CVE-2014-9823.json index 3db88f0cb78..c1d9e655fd8 100644 --- a/2014/9xxx/CVE-2014-9823.json +++ b/2014/9xxx/CVE-2014-9823.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9823", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9823", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20141224 Imagemagick fuzzing bug", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/12/24/1" - }, - { - "name" : "[oss-security] 20160602 Re: ImageMagick CVEs", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/02/13" - }, - { - "name" : "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=09561d37839dbfa04e017eea14811312985095d8", - "refsource" : "CONFIRM", - "url" : "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=09561d37839dbfa04e017eea14811312985095d8" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1343479", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1343479" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343479", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343479" + }, + { + "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=09561d37839dbfa04e017eea14811312985095d8", + "refsource": "CONFIRM", + "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=09561d37839dbfa04e017eea14811312985095d8" + }, + { + "name": "[oss-security] 20160602 Re: ImageMagick CVEs", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13" + }, + { + "name": "[oss-security] 20141224 Imagemagick fuzzing bug", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9904.json b/2014/9xxx/CVE-2014-9904.json index e9fb9203799..d40374c9c0c 100644 --- a/2014/9xxx/CVE-2014-9904.json +++ b/2014/9xxx/CVE-2014-9904.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9904", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2014-9904", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6217e5ede23285ddfee10d2e4ba0cc2d4c046205", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6217e5ede23285ddfee10d2e4ba0cc2d4c046205" - }, - { - "name" : "https://github.com/torvalds/linux/commit/6217e5ede23285ddfee10d2e4ba0cc2d4c046205", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/6217e5ede23285ddfee10d2e4ba0cc2d4c046205" - }, - { - "name" : "DSA-3616", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3616" - }, - { - "name" : "SUSE-SU-2016:1937", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html" - }, - { - "name" : "SUSE-SU-2016:2105", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html" - }, - { - "name" : "openSUSE-SU-2016:2184", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html" - }, - { - "name" : "91510", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91510" - }, - { - "name" : "1036189", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036189" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:2184", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html" + }, + { + "name": "1036189", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036189" + }, + { + "name": "91510", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91510" + }, + { + "name": "DSA-3616", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3616" + }, + { + "name": "https://github.com/torvalds/linux/commit/6217e5ede23285ddfee10d2e4ba0cc2d4c046205", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/6217e5ede23285ddfee10d2e4ba0cc2d4c046205" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6217e5ede23285ddfee10d2e4ba0cc2d4c046205", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6217e5ede23285ddfee10d2e4ba0cc2d4c046205" + }, + { + "name": "SUSE-SU-2016:2105", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html" + }, + { + "name": "SUSE-SU-2016:1937", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9910.json b/2014/9xxx/CVE-2014-9910.json index 56535faac49..e4d20e98ef5 100644 --- a/2014/9xxx/CVE-2014-9910.json +++ b/2014/9xxx/CVE-2014-9910.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2014-9910", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31746399. References: B-RB#26710." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Elevation of privilege" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2014-9910", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2016-12-01.html", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2016-12-01.html" - }, - { - "name" : "94685", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94685" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31746399. References: B-RB#26710." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2016-12-01.html", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2016-12-01.html" + }, + { + "name": "94685", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94685" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3236.json b/2016/3xxx/CVE-2016-3236.json index be13a9d66be..da3b234eb9b 100644 --- a/2016/3xxx/CVE-2016-3236.json +++ b/2016/3xxx/CVE-2016-3236.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3236", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Web Proxy Auto Discovery (WPAD) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles proxy discovery, which allows remote attackers to redirect network traffic via unspecified vectors, aka \"Windows WPAD Proxy Discovery Elevation of Privilege Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-3236", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-077", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-077" - }, - { - "name" : "1036104", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036104" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Web Proxy Auto Discovery (WPAD) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles proxy discovery, which allows remote attackers to redirect network traffic via unspecified vectors, aka \"Windows WPAD Proxy Discovery Elevation of Privilege Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS16-077", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-077" + }, + { + "name": "1036104", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036104" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3362.json b/2016/3xxx/CVE-2016-3362.json index ba37e2ff3fd..bd2812d4d97 100644 --- a/2016/3xxx/CVE-2016-3362.json +++ b/2016/3xxx/CVE-2016-3362.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3362", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Services on SharePoint Server 2013 SP1, and Office Online Server allow remote attackers to execute arbitrary code via a crafted document, aka \"Microsoft Office Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-3365." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-3362", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-107", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-107" - }, - { - "name" : "92799", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92799" - }, - { - "name" : "1036785", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036785" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Services on SharePoint Server 2013 SP1, and Office Online Server allow remote attackers to execute arbitrary code via a crafted document, aka \"Microsoft Office Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-3365." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "92799", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92799" + }, + { + "name": "1036785", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036785" + }, + { + "name": "MS16-107", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-107" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3869.json b/2016/3xxx/CVE-2016-3869.json index c4e1636cb96..41312398c0e 100644 --- a/2016/3xxx/CVE-2016-3869.json +++ b/2016/3xxx/CVE-2016-3869.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3869", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Broadcom Wi-Fi driver in Android before 2016-09-05 on Nexus 5, Nexus 6, Nexus 6P, Nexus 9, Nexus Player, and Pixel C devices allows attackers to gain privileges via a crafted application, aka Android internal bug 29009982 and Broadcom internal bug RB#96070." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-3869", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-09-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-09-01.html" - }, - { - "name" : "92885", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92885" - }, - { - "name" : "1036763", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036763" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Broadcom Wi-Fi driver in Android before 2016-09-05 on Nexus 5, Nexus 6, Nexus 6P, Nexus 9, Nexus Player, and Pixel C devices allows attackers to gain privileges via a crafted application, aka Android internal bug 29009982 and Broadcom internal bug RB#96070." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://source.android.com/security/bulletin/2016-09-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-09-01.html" + }, + { + "name": "1036763", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036763" + }, + { + "name": "92885", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92885" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6387.json b/2016/6xxx/CVE-2016-6387.json index f671d19a610..07273e31acc 100644 --- a/2016/6xxx/CVE-2016-6387.json +++ b/2016/6xxx/CVE-2016-6387.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-6387", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-6387", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6575.json b/2016/6xxx/CVE-2016-6575.json index d460b5ea29e..e01f1306dfa 100644 --- a/2016/6xxx/CVE-2016-6575.json +++ b/2016/6xxx/CVE-2016-6575.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-6575", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-6575", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7024.json b/2016/7xxx/CVE-2016-7024.json index 97544e3cbdb..c008b6379dc 100644 --- a/2016/7xxx/CVE-2016-7024.json +++ b/2016/7xxx/CVE-2016-7024.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7024", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-7024", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7241.json b/2016/7xxx/CVE-2016-7241.json index 641cd5f96db..882cb0c594f 100644 --- a/2016/7xxx/CVE-2016-7241.json +++ b/2016/7xxx/CVE-2016-7241.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2016-7241", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-7241", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40875", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40875/" - }, - { - "name" : "http://packetstormsecurity.com/files/139991/Microsoft-Edge-JSON.parse-Information-Leak.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/139991/Microsoft-Edge-JSON.parse-Information-Leak.html" - }, - { - "name" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=952", - "refsource" : "MISC", - "url" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=952" - }, - { - "name" : "MS16-129", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-129" - }, - { - "name" : "MS16-142", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-142" - }, - { - "name" : "94055", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94055" - }, - { - "name" : "1037245", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037245" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS16-129", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-129" + }, + { + "name": "40875", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40875/" + }, + { + "name": "http://packetstormsecurity.com/files/139991/Microsoft-Edge-JSON.parse-Information-Leak.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/139991/Microsoft-Edge-JSON.parse-Information-Leak.html" + }, + { + "name": "MS16-142", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-142" + }, + { + "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=952", + "refsource": "MISC", + "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=952" + }, + { + "name": "1037245", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037245" + }, + { + "name": "94055", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94055" + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7338.json b/2016/7xxx/CVE-2016-7338.json index c7d227b81f4..4a055dce451 100644 --- a/2016/7xxx/CVE-2016-7338.json +++ b/2016/7xxx/CVE-2016-7338.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7338", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-7338", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7574.json b/2016/7xxx/CVE-2016-7574.json index f37c643c951..5a7624cff64 100644 --- a/2016/7xxx/CVE-2016-7574.json +++ b/2016/7xxx/CVE-2016-7574.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7574", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-7574", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7736.json b/2016/7xxx/CVE-2016-7736.json index 4d60af1bb95..934d5b1ee00 100644 --- a/2016/7xxx/CVE-2016-7736.json +++ b/2016/7xxx/CVE-2016-7736.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7736", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-7736", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8095.json b/2016/8xxx/CVE-2016-8095.json index d737ed7ebf5..635c79e8ae3 100644 --- a/2016/8xxx/CVE-2016-8095.json +++ b/2016/8xxx/CVE-2016-8095.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8095", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-8095", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8876.json b/2016/8xxx/CVE-2016-8876.json index aad403b35b8..bd6d7782f1c 100644 --- a/2016/8xxx/CVE-2016-8876.json +++ b/2016/8xxx/CVE-2016-8876.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8876", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF image embedded in the XFA stream in a PDF document, aka \"Read Access Violation starting at FoxitReader.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-8876", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.foxitsoftware.com/support/security-bulletins.php", - "refsource" : "CONFIRM", - "url" : "https://www.foxitsoftware.com/support/security-bulletins.php" - }, - { - "name" : "93608", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93608" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF image embedded in the XFA stream in a PDF document, aka \"Read Access Violation starting at FoxitReader.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93608", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93608" + }, + { + "name": "https://www.foxitsoftware.com/support/security-bulletins.php", + "refsource": "CONFIRM", + "url": "https://www.foxitsoftware.com/support/security-bulletins.php" + } + ] + } +} \ No newline at end of file