admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:32:53 +00:00
parent bd7381eaa5
commit d83db36ebf
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
50 changed files with 4069 additions and 4069 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

218
2006/0xxx/CVE-2006-0047.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2006-0047", "ID": "CVE-2006-0047",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause a denial of service (server crash) via crafted packets with negative compressed size values."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060306 Out of memory crash in Freeciv 2.0.7", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/426866/100/0/threaded" "lang": "eng",
}, "value": "packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause a denial of service (server crash) via crafted packets with negative compressed size values."
{ }
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=355211", ]
"refsource" : "CONFIRM", },
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=355211" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-994", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2006/dsa-994" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-200603-11", ]
"refsource" : "GENTOO", }
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200603-11.xml" ]
}, },
{ "references": {
"name" : "MDKSA-2006:053", "reference_data": [
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:053" "name": "16975",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/16975"
"name" : "16975", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16975" "name": "GLSA-200603-11",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-11.xml"
"name" : "ADV-2006-0838", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/0838" "name": "MDKSA-2006:053",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:053"
"name" : "19120", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19120" "name": "20060306 Out of memory crash in Freeciv 2.0.7",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/426866/100/0/threaded"
"name" : "19253", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19253" "name": "19253",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19253"
"name" : "19227", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19227" "name": "DSA-994",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2006/dsa-994"
"name" : "freeciv-packets-dos(25166)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25166" "name": "19227",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/19227"
} },
{
"name": "ADV-2006-0838",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0838"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=355211",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=355211"
},
{
"name": "19120",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19120"
},
{
"name": "freeciv-packets-dos(25166)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25166"
}
]
}
} }

148
2006/0xxx/CVE-2006-0086.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0086", "ID": "CVE-2006-0086",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting vulnerability in index.php in Next Generation Image Gallery 0.0.1 Lite Edition allows remote attackers to inject arbitrary web script or HTML via the page parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://osvdb.org/ref/22/22202-nextgen.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://osvdb.org/ref/22/22202-nextgen.txt" "lang": "eng",
}, "value": "Cross-site scripting vulnerability in index.php in Next Generation Image Gallery 0.0.1 Lite Edition allows remote attackers to inject arbitrary web script or HTML via the page parameter."
{ }
"name" : "ADV-2006-0037", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2006/0037" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "22202", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/22202" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "18309", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/18309" ]
} },
] "references": {
} "reference_data": [
{
"name": "22202",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22202"
},
{
"name": "ADV-2006-0037",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0037"
},
{
"name": "http://osvdb.org/ref/22/22202-nextgen.txt",
"refsource": "MISC",
"url": "http://osvdb.org/ref/22/22202-nextgen.txt"
},
{
"name": "18309",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18309"
}
]
}
} }

148
2006/0xxx/CVE-2006-0237.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0237", "ID": "CVE-2006-0237",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in index.php in GTP iCommerce allows remote attackers to inject arbitrary web script or HTML via the (1) cat and (2) subcat parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "16255", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16255" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in index.php in GTP iCommerce allows remote attackers to inject arbitrary web script or HTML via the (1) cat and (2) subcat parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "ADV-2006-0214", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2006/0214" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "18470", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18470" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "gtpicommerce-index-xss(24150)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24150" ]
} },
] "references": {
} "reference_data": [
{
"name": "18470",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18470"
},
{
"name": "gtpicommerce-index-xss(24150)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24150"
},
{
"name": "16255",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16255"
},
{
"name": "ADV-2006-0214",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0214"
}
]
}
} }

188
2006/0xxx/CVE-2006-0353.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2006-0353", "ID": "CVE-2006-0353",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator, which allows local users to cause a denial of service by truncating the seed file, which prevents the server from starting, or obtain sensitive seed information that could be used to crack keys."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[lsh-bugs] SECURITY: lshd leaks fd:s to user shells", "description_data": [
"refsource" : "MLIST", {
"url" : "http://lists.lysator.liu.se/pipermail/lsh-bugs/2006q1/000467.html" "lang": "eng",
}, "value": "unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator, which allows local users to cause a denial of service by truncating the seed file, which prevents the server from starting, or obtain sensitive seed information that could be used to crack keys."
{ }
"name" : "DSA-956", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2006/dsa-956" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "16357", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16357" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-0301", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/0301" ]
}, },
{ "references": {
"name" : "22695", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/22695" "name": "16357",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/16357"
"name" : "18564", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18564" "name": "[lsh-bugs] SECURITY: lshd leaks fd:s to user shells",
}, "refsource": "MLIST",
{ "url": "http://lists.lysator.liu.se/pipermail/lsh-bugs/2006q1/000467.html"
"name" : "18623", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18623" "name": "18623",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18623"
"name" : "lsh-file-descriptor-leak(24263)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24263" "name": "22695",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/22695"
} },
{
"name": "lsh-file-descriptor-leak(24263)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24263"
},
{
"name": "DSA-956",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-956"
},
{
"name": "ADV-2006-0301",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0301"
},
{
"name": "18564",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18564"
}
]
}
} }

218
2006/1xxx/CVE-2006-1249.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1249", "ID": "CVE-2006-1249",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in Apple QuickTime Player 7.0.3 and 7.0.4 and iTunes 6.0.1 and 6.0.2 allows remote attackers to execute arbitrary code via a FlashPix (FPX) image that contains a field that specifies a large number of blocks."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060511 [EEYEB-20060307] Apple QuickTime FPX Integer Overflow", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/433850/100/0/threaded" "lang": "eng",
}, "value": "Integer overflow in Apple QuickTime Player 7.0.3 and 7.0.4 and iTunes 6.0.1 and 6.0.2 allows remote attackers to execute arbitrary code via a FlashPix (FPX) image that contains a field that specifies a large number of blocks."
{ }
"name" : "http://www.eeye.com/html/research/upcoming/20060307b.html", ]
"refsource" : "MISC", },
"url" : "http://www.eeye.com/html/research/upcoming/20060307b.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20060512 Apple QuickDraw/QuickTime Multiple Vulnerabilities", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/433831/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2006-05-11", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2006/May/msg00002.html" ]
}, },
{ "references": {
"name" : "TA06-132B", "reference_data": [
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-132B.html" "name": "20069",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/20069"
"name" : "VU#570689", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/570689" "name": "APPLE-SA-2006-05-11",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2006/May/msg00002.html"
"name" : "17074", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17074" "name": "1016067",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1016067"
"name" : "ADV-2006-1778", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1778" "name": "TA06-132B",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA06-132B.html"
"name" : "1016067", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016067" "name": "VU#570689",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/570689"
"name" : "20069", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20069" "name": "17074",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/17074"
"name" : "quicktime-flashpix-overflow(26398)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26398" "name": "http://www.eeye.com/html/research/upcoming/20060307b.html",
} "refsource": "MISC",
] "url": "http://www.eeye.com/html/research/upcoming/20060307b.html"
} },
{
"name": "ADV-2006-1778",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1778"
},
{
"name": "quicktime-flashpix-overflow(26398)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26398"
},
{
"name": "20060512 Apple QuickDraw/QuickTime Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/433831/100/0/threaded"
},
{
"name": "20060511 [EEYEB-20060307] Apple QuickTime FPX Integer Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/433850/100/0/threaded"
}
]
}
} }

188
2006/1xxx/CVE-2006-1712.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1712", "ID": "CVE-2006-1712",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the private archive script (private.py) in GNU Mailman 2.1.7 allows remote attackers to inject arbitrary web script or HTML via the action argument."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[Mailman-Announce] 20060407 Released: Mailman 2.1.8 release candidate", "description_data": [
"refsource" : "MLIST", {
"url" : "http://mail.python.org/pipermail/mailman-announce/2006-April/000084.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the private archive script (private.py) in GNU Mailman 2.1.7 allows remote attackers to inject arbitrary web script or HTML via the action argument."
{ }
"name" : "http://www.mail-archive.com/mailman-checkins@python.org/msg06273.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.mail-archive.com/mailman-checkins@python.org/msg06273.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=129136", "description": [
"refsource" : "MISC", {
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=129136" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "17403", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/17403" ]
}, },
{ "references": {
"name" : "ADV-2006-1269", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1269" "name": "1015876",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1015876"
"name" : "24442", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/24442" "name": "24442",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/24442"
"name" : "1015876", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015876" "name": "19558",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19558"
"name" : "19558", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19558" "name": "[Mailman-Announce] 20060407 Released: Mailman 2.1.8 release candidate",
} "refsource": "MLIST",
] "url": "http://mail.python.org/pipermail/mailman-announce/2006-April/000084.html"
} },
{
"name": "ADV-2006-1269",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1269"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=129136",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=129136"
},
{
"name": "17403",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17403"
},
{
"name": "http://www.mail-archive.com/mailman-checkins@python.org/msg06273.html",
"refsource": "CONFIRM",
"url": "http://www.mail-archive.com/mailman-checkins@python.org/msg06273.html"
}
]
}
} }

168
2006/1xxx/CVE-2006-1720.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1720", "ID": "CVE-2006-1720",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in search.php in SaphpLesson 3.0 allows remote attackers to inject arbitrary web script or HTML via the Word parameter. NOTE: it is possible that this issue is resultant from SQL injection."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060407 Xss In SaphpLesson3.0", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/430293/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in search.php in SaphpLesson 3.0 allows remote attackers to inject arbitrary web script or HTML via the Word parameter. NOTE: it is possible that this issue is resultant from SQL injection."
{ }
"name" : "17414", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/17414" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-1317", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1317" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1015883", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1015883" ]
}, },
{ "references": {
"name" : "683", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/683" "name": "20060407 Xss In SaphpLesson3.0",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/430293/100/0/threaded"
"name" : "saphplesson-search-xss(25719)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25719" "name": "683",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/683"
} },
{
"name": "17414",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17414"
},
{
"name": "ADV-2006-1317",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1317"
},
{
"name": "1015883",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015883"
},
{
"name": "saphplesson-search-xss(25719)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25719"
}
]
}
} }

178
2006/4xxx/CVE-2006-4195.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4195", "ID": "CVE-2006-4195",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in param.peoplebook.php in the Peoplebook Component for Mambo (com_peoplebook) 1.0 and earlier, and possibly 1.1.2, when register_globals and allow_url_fopen are enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060814 Peoplebook Mambo Component <= v1.0 Remote File Include Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/443201/100/0/threaded" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in param.peoplebook.php in the Peoplebook Component for Mambo (com_peoplebook) 1.0 and earlier, and possibly 1.1.2, when register_globals and allow_url_fopen are enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
{ }
"name" : "2184", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/2184" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "19505", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/19505" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-3277", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/3277" ]
}, },
{ "references": {
"name" : "21470", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21470" "name": "ADV-2006-3277",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/3277"
"name" : "1406", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1406" "name": "peoplebook-param-file-include(28359)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28359"
"name" : "peoplebook-param-file-include(28359)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28359" "name": "21470",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/21470"
} },
{
"name": "2184",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2184"
},
{
"name": "1406",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1406"
},
{
"name": "20060814 Peoplebook Mambo Component <= v1.0 Remote File Include Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/443201/100/0/threaded"
},
{
"name": "19505",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19505"
}
]
}
} }

128
2006/4xxx/CVE-2006-4457.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4457", "ID": "CVE-2006-4457",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in index.php in phpECard 2.1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "ADV-2006-3411", "description_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3411" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in index.php in phpECard 2.1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
{ }
"name" : "21676", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/21676" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-3411",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3411"
},
{
"name": "21676",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21676"
}
]
}
} }

208
2006/4xxx/CVE-2006-4795.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4795", "ID": "CVE-2006-4795",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.11 and B.11.23 before 20060912 allows local users to cause a denial of service via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-193.htm", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-193.htm" "lang": "eng",
}, "value": "Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.11 and B.11.23 before 20060912 allows local users to cause a denial of service via unspecified vectors."
{ }
"name" : "HPSBUX02151", ]
"refsource" : "HP", },
"url" : "http://www.securityfocus.com/archive/1/445893/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "SSRT051021", "description": [
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/445893/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "19999", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/19999" ]
}, },
{ "references": {
"name" : "oval:org.mitre.oval:def:5427", "reference_data": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5427" "name": "21909",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21909"
"name" : "ADV-2006-3597", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3597" "name": "1016841",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1016841"
"name" : "1016841", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016841" "name": "22010",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22010"
"name" : "21909", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21909" "name": "19999",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/19999"
"name" : "22010", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22010" "name": "1596",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/1596"
"name" : "1596", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1596" "name": "HPSBUX02151",
} "refsource": "HP",
] "url": "http://www.securityfocus.com/archive/1/445893/100/0/threaded"
} },
{
"name": "SSRT051021",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/445893/100/0/threaded"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-193.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-193.htm"
},
{
"name": "oval:org.mitre.oval:def:5427",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5427"
},
{
"name": "ADV-2006-3597",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3597"
}
]
}
} }

178
2006/5xxx/CVE-2006-5616.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5616", "ID": "CVE-2006-5616",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in OpenPBS, as used in SUSE Linux 9.2 through 10.1, allow attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "GLSA-200704-04", "description_data": [
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200704-04.xml" "lang": "eng",
}, "value": "Multiple unspecified vulnerabilities in OpenPBS, as used in SUSE Linux 9.2 through 10.1, allow attackers to execute arbitrary code via unspecified vectors."
{ }
"name" : "SUSE-SR:2006:025", ]
"refsource" : "SUSE", },
"url" : "http://lists.suse.com/archive/suse-security-announce/2006-Oct/0007.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20776", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/20776" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-4250", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/4250" ]
}, },
{ "references": {
"name" : "22637", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22637" "name": "20776",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/20776"
"name" : "24716", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24716" "name": "24716",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24716"
"name" : "openpbs-unspecified-code-execution(29944)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29944" "name": "SUSE-SR:2006:025",
} "refsource": "SUSE",
] "url": "http://lists.suse.com/archive/suse-security-announce/2006-Oct/0007.html"
} },
{
"name": "22637",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22637"
},
{
"name": "openpbs-unspecified-code-execution(29944)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29944"
},
{
"name": "ADV-2006-4250",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4250"
},
{
"name": "GLSA-200704-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200704-04.xml"
}
]
}
} }

138
2010/0xxx/CVE-2010-0558.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-0558", "ID": "CVE-2010-0558",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The default configuration of Oracle OpenSolaris snv_77 through snv_131 allows attackers to have an unspecified impact via vectors related to using smbadm to join a Windows Active Directory domain."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "275790", "description_data": [
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275790-1" "lang": "eng",
}, "value": "The default configuration of Oracle OpenSolaris snv_77 through snv_131 allows attackers to have an unspecified impact via vectors related to using smbadm to join a Windows Active Directory domain."
{ }
"name" : "1023545", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id?1023545" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "opensolaris-smbadm-unspecified(56521)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56521" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "275790",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275790-1"
},
{
"name": "1023545",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023545"
},
{
"name": "opensolaris-smbadm-unspecified(56521)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56521"
}
]
}
} }

288
2010/2xxx/CVE-2010-2024.json
View File

@ -1,147 +1,147 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2024", "ID": "CVE-2010-2024",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20100603 Multiple vulnerabilities in Exim", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/511653/100/0/threaded" "lang": "eng",
}, "value": "transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/."
{ }
"name" : "20100603 Multiple vulnerabilities in Exim", ]
"refsource" : "FULLDISC", },
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0079.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[exim-dev] 20100524 Security issues in exim4 local delivery", "description": [
"refsource" : "MLIST", {
"url" : "http://lists.exim.org/lurker/message/20100524.175925.9a69f755.en.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://bugs.exim.org/show_bug.cgi?id=989", ]
"refsource" : "CONFIRM", }
"url" : "http://bugs.exim.org/show_bug.cgi?id=989" ]
}, },
{ "references": {
"name" : "http://vcs.exim.org/viewvc/exim/exim-doc/doc-txt/ChangeLog?view=markup&pathrev=exim-4_72_RC2", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://vcs.exim.org/viewvc/exim/exim-doc/doc-txt/ChangeLog?view=markup&pathrev=exim-4_72_RC2" "name": "20100603 Multiple vulnerabilities in Exim",
}, "refsource": "FULLDISC",
{ "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0079.html"
"name" : "http://vcs.exim.org/viewvc/exim/exim-src/src/transports/appendfile.c?r1=1.25&r2=1.26", },
"refsource" : "CONFIRM", {
"url" : "http://vcs.exim.org/viewvc/exim/exim-src/src/transports/appendfile.c?r1=1.25&r2=1.26" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=600097",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=600097"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=600097", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=600097" "name": "ADV-2010-1402",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/1402"
"name" : "FEDORA-2010-9506", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042587.html" "name": "40454",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/40454"
"name" : "FEDORA-2010-9524", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042613.html" "name": "ADV-2011-0364",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0364"
"name" : "SUSE-SR:2010:014", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html" "name": "43243",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/43243"
"name" : "USN-1060-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1060-1" "name": "exim-mbx-symlink(59042)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59042"
"name" : "40454", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/40454" "name": "http://vcs.exim.org/viewvc/exim/exim-src/src/transports/appendfile.c?r1=1.25&r2=1.26",
}, "refsource": "CONFIRM",
{ "url": "http://vcs.exim.org/viewvc/exim/exim-src/src/transports/appendfile.c?r1=1.25&r2=1.26"
"name" : "40019", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40019" "name": "40019",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/40019"
"name" : "40123", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40123" "name": "[exim-dev] 20100524 Security issues in exim4 local delivery",
}, "refsource": "MLIST",
{ "url": "http://lists.exim.org/lurker/message/20100524.175925.9a69f755.en.html"
"name" : "43243", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43243" "name": "http://vcs.exim.org/viewvc/exim/exim-doc/doc-txt/ChangeLog?view=markup&pathrev=exim-4_72_RC2",
}, "refsource": "CONFIRM",
{ "url": "http://vcs.exim.org/viewvc/exim/exim-doc/doc-txt/ChangeLog?view=markup&pathrev=exim-4_72_RC2"
"name" : "ADV-2010-1402", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/1402" "name": "40123",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/40123"
"name" : "ADV-2011-0364", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0364" "name": "20100603 Multiple vulnerabilities in Exim",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/511653/100/0/threaded"
"name" : "exim-mbx-symlink(59042)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/59042" "name": "FEDORA-2010-9524",
} "refsource": "FEDORA",
] "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042613.html"
} },
{
"name": "SUSE-SR:2010:014",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"name": "USN-1060-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1060-1"
},
{
"name": "http://bugs.exim.org/show_bug.cgi?id=989",
"refsource": "CONFIRM",
"url": "http://bugs.exim.org/show_bug.cgi?id=989"
},
{
"name": "FEDORA-2010-9506",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042587.html"
}
]
}
} }

138
2010/2xxx/CVE-2010-2555.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2010-2555", "ID": "CVE-2010-2555",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the length of strings in the registry, which allows local users to gain privileges or cause a denial of service (memory corruption) via vectors involving a long string, aka \"Tracing Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS10-059", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-059" "lang": "eng",
}, "value": "The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the length of strings in the registry, which allows local users to gain privileges or cause a denial of service (memory corruption) via vectors involving a long string, aka \"Tracing Memory Corruption Vulnerability.\""
{ }
"name" : "TA10-222A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-222A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:11426", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11426" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "TA10-222A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html"
},
{
"name": "MS10-059",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-059"
},
{
"name": "oval:org.mitre.oval:def:11426",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11426"
}
]
}
} }

248
2010/2xxx/CVE-2010-2765.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2765", "ID": "CVE-2010-2765",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in the FRAMESET element implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a large number of values in the cols (aka columns) attribute, leading to a heap-based buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2010/mfsa2010-50.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2010/mfsa2010-50.html" "lang": "eng",
}, "value": "Integer overflow in the FRAMESET element implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a large number of values in the cols (aka columns) attribute, leading to a heap-based buffer overflow."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=576447", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=576447" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox", "description": [
"refsource" : "CONFIRM", {
"url" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://support.avaya.com/css/P8/documents/100110210", ]
"refsource" : "CONFIRM", }
"url" : "http://support.avaya.com/css/P8/documents/100110210" ]
}, },
{ "references": {
"name" : "http://support.avaya.com/css/P8/documents/100112690", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/css/P8/documents/100112690" "name": "SUSE-SA:2010:049",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html"
"name" : "DSA-2106", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2010/dsa-2106" "name": "http://www.mozilla.org/security/announce/2010/mfsa2010-50.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2010/mfsa2010-50.html"
"name" : "FEDORA-2010-14362", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047282.html" "name": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox",
}, "refsource": "CONFIRM",
{ "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox"
"name" : "MDVSA-2010:173", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:173" "name": "FEDORA-2010-14362",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047282.html"
"name" : "SUSE-SA:2010:049", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html" "name": "http://support.avaya.com/css/P8/documents/100110210",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/css/P8/documents/100110210"
"name" : "43095", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/43095" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=576447",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=576447"
"name" : "oval:org.mitre.oval:def:11519", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11519" "name": "http://support.avaya.com/css/P8/documents/100112690",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/css/P8/documents/100112690"
"name" : "42867", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42867" "name": "42867",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42867"
"name" : "ADV-2010-2323", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/2323" "name": "oval:org.mitre.oval:def:11519",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11519"
"name" : "ADV-2011-0061", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0061" "name": "ADV-2011-0061",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2011/0061"
} },
{
"name": "MDVSA-2010:173",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:173"
},
{
"name": "ADV-2010-2323",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2323"
},
{
"name": "DSA-2106",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2106"
},
{
"name": "43095",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/43095"
}
]
}
} }

258
2010/2xxx/CVE-2010-2813.json
View File

@ -1,132 +1,132 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2813", "ID": "CVE-2010-2813",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preferences files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://squirrelmail.org/security/issue/2010-07-23", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://squirrelmail.org/security/issue/2010-07-23" "lang": "eng",
}, "value": "functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preferences files."
{ }
"name" : "http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/functions/imap_general.php?view=patch&r1=13972&r2=13971&pathrev=13972", ]
"refsource" : "CONFIRM", },
"url" : "http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/functions/imap_general.php?view=patch&r1=13972&r2=13971&pathrev=13972" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=618096", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=618096" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://support.apple.com/kb/HT5130", ]
"refsource" : "CONFIRM", }
"url" : "http://support.apple.com/kb/HT5130" ]
}, },
{ "references": {
"name" : "APPLE-SA-2012-02-01-1", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html" "name": "FEDORA-2010-11422",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045383.html"
"name" : "DSA-2091", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2010/dsa-2091" "name": "http://support.apple.com/kb/HT5130",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT5130"
"name" : "FEDORA-2010-11410", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045372.html" "name": "squirrelmail-imap-dos(61124)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61124"
"name" : "FEDORA-2010-11422", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045383.html" "name": "FEDORA-2010-11410",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045372.html"
"name" : "RHSA-2012:0103", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-0103.html" "name": "http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/functions/imap_general.php?view=patch&r1=13972&r2=13971&pathrev=13972",
}, "refsource": "CONFIRM",
{ "url": "http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/functions/imap_general.php?view=patch&r1=13972&r2=13971&pathrev=13972"
"name" : "42399", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/42399" "name": "DSA-2091",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2010/dsa-2091"
"name" : "40964", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40964" "name": "APPLE-SA-2012-02-01-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
"name" : "40971", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40971" "name": "40964",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/40964"
"name" : "ADV-2010-2070", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/2070" "name": "ADV-2010-2080",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/2080"
"name" : "ADV-2010-2080", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/2080" "name": "42399",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/42399"
"name" : "squirrelmail-imap-dos(61124)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/61124" "name": "RHSA-2012:0103",
} "refsource": "REDHAT",
] "url": "http://rhn.redhat.com/errata/RHSA-2012-0103.html"
} },
{
"name": "40971",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40971"
},
{
"name": "http://squirrelmail.org/security/issue/2010-07-23",
"refsource": "CONFIRM",
"url": "http://squirrelmail.org/security/issue/2010-07-23"
},
{
"name": "ADV-2010-2070",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2070"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=618096",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=618096"
}
]
}
} }

158
2010/3xxx/CVE-2010-3043.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2010-3043", "ID": "CVE-2010-3043",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3044."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016" "lang": "eng",
}, "value": "Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3044."
{ }
"name" : "20110201 Multiple Cisco WebEx Player Vulnerabilities", ]
"refsource" : "CISCO", },
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "46075", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/46075" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1025016", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1025016" ]
}, },
{ "references": {
"name" : "webex-wrf-bo(65074)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65074" "name": "20110201 Multiple Cisco WebEx Player Vulnerabilities",
} "refsource": "CISCO",
] "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
} },
{
"name": "webex-wrf-bo(65074)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65074"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"name": "46075",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46075"
},
{
"name": "1025016",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025016"
}
]
}
} }

148
2010/3xxx/CVE-2010-3061.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-3061", "ID": "CVE-2010-3061",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the message-protocol implementation in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x before 5.5.7, and 6.1.0.0, allows remote attackers to cause a denial of service (recovery failure), and possibly trigger loss of data, via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21443820", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21443820" "lang": "eng",
}, "value": "Unspecified vulnerability in the message-protocol implementation in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x before 5.5.7, and 6.1.0.0, allows remote attackers to cause a denial of service (recovery failure), and possibly trigger loss of data, via unknown vectors."
{ }
"name" : "IC69883", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "42549", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/42549" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "41044", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/41044" ]
} },
] "references": {
} "reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21443820",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21443820"
},
{
"name": "41044",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41044"
},
{
"name": "IC69883",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883"
},
{
"name": "42549",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42549"
}
]
}
} }

138
2010/3xxx/CVE-2010-3496.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-3496", "ID": "CVE-2010-3496",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "McAfee VirusScan Enterprise 8.5i and 8.7i does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20101018 Antivirus detection after malware execution", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/514356" "lang": "eng",
}, "value": "McAfee VirusScan Enterprise 8.5i and 8.7i does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution."
{ }
"name" : "http://www.n00bz.net/antivirus-cve", ]
"refsource" : "MISC", },
"url" : "http://www.n00bz.net/antivirus-cve" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10012", "description": [
"refsource" : "CONFIRM", {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10012" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "20101018 Antivirus detection after malware execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/514356"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10012",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10012"
},
{
"name": "http://www.n00bz.net/antivirus-cve",
"refsource": "MISC",
"url": "http://www.n00bz.net/antivirus-cve"
}
]
}
} }

198
2010/3xxx/CVE-2010-3620.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2010-3620", "ID": "CVE-2010-3620",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted image, a different vulnerability than CVE-2010-3629."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.adobe.com/support/security/bulletins/apsb10-21.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.adobe.com/support/security/bulletins/apsb10-21.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted image, a different vulnerability than CVE-2010-3629."
{ }
"name" : "GLSA-201101-08", ]
"refsource" : "GENTOO", },
"url" : "http://security.gentoo.org/glsa/glsa-201101-08.xml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2010:0743", "description": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0743.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SUSE-SA:2010:048", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html" ]
}, },
{ "references": {
"name" : "SUSE-SR:2010:019", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" "name": "SUSE-SA:2010:048",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html"
"name" : "TA10-279A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-279A.html" "name": "ADV-2011-0191",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0191"
"name" : "oval:org.mitre.oval:def:7589", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7589" "name": "43025",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/43025"
"name" : "43025", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43025" "name": "oval:org.mitre.oval:def:7589",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7589"
"name" : "ADV-2011-0191", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0191" "name": "GLSA-201101-08",
} "refsource": "GENTOO",
] "url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
} },
{
"name": "RHSA-2010:0743",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0743.html"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb10-21.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-21.html"
},
{
"name": "TA10-279A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-279A.html"
},
{
"name": "SUSE-SR:2010:019",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
}
]
}
} }

188
2010/3xxx/CVE-2010-3961.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2010-3961", "ID": "CVE-2010-3961",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Consent User Interface (UI) in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly handle an unspecified registry-key value, which allows local users with SeImpersonatePrivilege rights to gain privileges via a crafted application, aka \"Consent UI Impersonation Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS10-100", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-100" "lang": "eng",
}, "value": "The Consent User Interface (UI) in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly handle an unspecified registry-key value, which allows local users with SeImpersonatePrivilege rights to gain privileges via a crafted application, aka \"Consent UI Impersonation Vulnerability.\""
{ }
"name" : "TA10-348A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-348A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "45318", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/45318" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "69824", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/69824" ]
}, },
{ "references": {
"name" : "oval:org.mitre.oval:def:12323", "reference_data": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12323" "name": "42614",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42614"
"name" : "1024882", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1024882" "name": "TA10-348A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA10-348A.html"
"name" : "42614", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42614" "name": "oval:org.mitre.oval:def:12323",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12323"
"name" : "ADV-2010-3222", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/3222" "name": "ADV-2010-3222",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2010/3222"
} },
{
"name": "1024882",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024882"
},
{
"name": "45318",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45318"
},
{
"name": "MS10-100",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-100"
},
{
"name": "69824",
"refsource": "OSVDB",
"url": "http://osvdb.org/69824"
}
]
}
} }

32
2010/4xxx/CVE-2010-4014.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4014", "ID": "CVE-2010-4014",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

298
2010/4xxx/CVE-2010-4253.json
View File

@ -1,152 +1,152 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-4253", "ID": "CVE-2010-4253",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file in an ODF or Microsoft Office document, as demonstrated by a PowerPoint (aka PPT) document."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.openoffice.org/security/cves/CVE-2010-4253.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.openoffice.org/security/cves/CVE-2010-4253.html" "lang": "eng",
}, "value": "Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file in an ODF or Microsoft Office document, as demonstrated by a PowerPoint (aka PPT) document."
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=658259", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=658259" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-2151", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2011/dsa-2151" ]
}, },
{ "references": {
"name" : "GLSA-201408-19", "reference_data": [
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" "name": "40775",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/40775"
"name" : "MDVSA-2011:027", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:027" "name": "46031",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/46031"
"name" : "RHSA-2011:0182", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0182.html" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=658259",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=658259"
"name" : "USN-1056-1", },
"refsource" : "UBUNTU", {
"url" : "http://ubuntu.com/usn/usn-1056-1" "name": "DSA-2151",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2011/dsa-2151"
"name" : "46031", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/46031" "name": "60799",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/60799"
"name" : "70717", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/70717" "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
"name" : "1025002", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1025002" "name": "GLSA-201408-19",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
"name" : "43065", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43065" "name": "http://www.openoffice.org/security/cves/CVE-2010-4253.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.openoffice.org/security/cves/CVE-2010-4253.html"
"name" : "42999", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42999" "name": "43065",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/43065"
"name" : "43105", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43105" "name": "ADV-2011-0230",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0230"
"name" : "60799", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/60799" "name": "70717",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/70717"
"name" : "40775", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40775" "name": "1025002",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1025002"
"name" : "ADV-2011-0230", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0230" "name": "ADV-2011-0232",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0232"
"name" : "ADV-2011-0232", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0232" "name": "RHSA-2011:0182",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2011-0182.html"
"name" : "ADV-2011-0279", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0279" "name": "USN-1056-1",
} "refsource": "UBUNTU",
] "url": "http://ubuntu.com/usn/usn-1056-1"
} },
{
"name": "ADV-2011-0279",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0279"
},
{
"name": "43105",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43105"
},
{
"name": "MDVSA-2011:027",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:027"
},
{
"name": "42999",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42999"
}
]
}
} }

148
2010/4xxx/CVE-2010-4590.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4590", "ID": "CVE-2010-4590",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in HTTP Access Services (HTTP-AS) in the Connection Manager in IBM Lotus Mobile Connect (LMC) before 6.1.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg27020327", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg27020327" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in HTTP Access Services (HTTP-AS) in the Connection Manager in IBM Lotus Mobile Connect (LMC) before 6.1.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "IZ77536", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ77536" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1024871", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1024871" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2010-3209", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2010/3209" ]
} },
] "references": {
} "reference_data": [
{
"name": "IZ77536",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ77536"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27020327",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27020327"
},
{
"name": "1024871",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024871"
},
{
"name": "ADV-2010-3209",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3209"
}
]
}
} }

148
2010/4xxx/CVE-2010-4826.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4826", "ID": "CVE-2010-4826",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in members.asp in Snitz Forums 2000 3.4.07 allows remote attackers to execute arbitrary SQL commands via the M_NAME parameter. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://forum.snitz.com/forum/topic.asp?TOPIC_ID=69770", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://forum.snitz.com/forum/topic.asp?TOPIC_ID=69770" "lang": "eng",
}, "value": "SQL injection vulnerability in members.asp in Snitz Forums 2000 3.4.07 allows remote attackers to execute arbitrary SQL commands via the M_NAME parameter. NOTE: some of these details are obtained from third party information."
{ }
"name" : "45381", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/45381" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "69794", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/69794" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "42308", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/42308" ]
} },
] "references": {
} "reference_data": [
{
"name": "42308",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42308"
},
{
"name": "69794",
"refsource": "OSVDB",
"url": "http://osvdb.org/69794"
},
{
"name": "45381",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45381"
},
{
"name": "http://forum.snitz.com/forum/topic.asp?TOPIC_ID=69770",
"refsource": "CONFIRM",
"url": "http://forum.snitz.com/forum/topic.asp?TOPIC_ID=69770"
}
]
}
} }

288
2011/5xxx/CVE-2011-5062.json
View File

@ -1,147 +1,147 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-5062", "ID": "CVE-2011-5062",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check qop values, which might allow remote attackers to bypass intended integrity-protection requirements via a qop=auth value, a different vulnerability than CVE-2011-1184."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://svn.apache.org/viewvc?view=rev&rev=1087655", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://svn.apache.org/viewvc?view=rev&rev=1087655" "lang": "eng",
}, "value": "The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check qop values, which might allow remote attackers to bypass intended integrity-protection requirements via a qop=auth value, a different vulnerability than CVE-2011-1184."
{ }
"name" : "http://svn.apache.org/viewvc?view=rev&rev=1158180", ]
"refsource" : "CONFIRM", },
"url" : "http://svn.apache.org/viewvc?view=rev&rev=1158180" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://svn.apache.org/viewvc?view=rev&rev=1159309", "description": [
"refsource" : "CONFIRM", {
"url" : "http://svn.apache.org/viewvc?view=rev&rev=1159309" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://tomcat.apache.org/security-5.html", ]
"refsource" : "CONFIRM", }
"url" : "http://tomcat.apache.org/security-5.html" ]
}, },
{ "references": {
"name" : "http://tomcat.apache.org/security-6.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://tomcat.apache.org/security-6.html" "name": "DSA-2401",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2012/dsa-2401"
"name" : "http://tomcat.apache.org/security-7.html", },
"refsource" : "CONFIRM", {
"url" : "http://tomcat.apache.org/security-7.html" "name": "SUSE-SU-2012:0155",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00002.html"
"name" : "DSA-2401", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2012/dsa-2401" "name": "RHSA-2012:0325",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-0325.html"
"name" : "HPSBST02955", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=139344343412337&w=2" "name": "http://svn.apache.org/viewvc?view=rev&rev=1159309",
}, "refsource": "CONFIRM",
{ "url": "http://svn.apache.org/viewvc?view=rev&rev=1159309"
"name" : "RHSA-2011:1845", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-1845.html" "name": "RHSA-2012:0078",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-0078.html"
"name" : "RHSA-2012:0074", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-0074.html" "name": "RHSA-2011:1845",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2011-1845.html"
"name" : "RHSA-2012:0075", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-0075.html" "name": "http://svn.apache.org/viewvc?view=rev&rev=1158180",
}, "refsource": "CONFIRM",
{ "url": "http://svn.apache.org/viewvc?view=rev&rev=1158180"
"name" : "RHSA-2012:0076", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-0076.html" "name": "RHSA-2012:0075",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-0075.html"
"name" : "RHSA-2012:0077", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-0077.html" "name": "RHSA-2012:0074",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-0074.html"
"name" : "RHSA-2012:0078", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-0078.html" "name": "http://tomcat.apache.org/security-7.html",
}, "refsource": "CONFIRM",
{ "url": "http://tomcat.apache.org/security-7.html"
"name" : "RHSA-2012:0325", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-0325.html" "name": "http://svn.apache.org/viewvc?view=rev&rev=1087655",
}, "refsource": "CONFIRM",
{ "url": "http://svn.apache.org/viewvc?view=rev&rev=1087655"
"name" : "SUSE-SU-2012:0155", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00002.html" "name": "http://tomcat.apache.org/security-6.html",
}, "refsource": "CONFIRM",
{ "url": "http://tomcat.apache.org/security-6.html"
"name" : "openSUSE-SU-2012:0208", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00006.html" "name": "57126",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/57126"
"name" : "57126", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/57126" "name": "http://tomcat.apache.org/security-5.html",
} "refsource": "CONFIRM",
] "url": "http://tomcat.apache.org/security-5.html"
} },
{
"name": "openSUSE-SU-2012:0208",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00006.html"
},
{
"name": "RHSA-2012:0076",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0076.html"
},
{
"name": "HPSBST02955",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=139344343412337&w=2"
},
{
"name": "RHSA-2012:0077",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0077.html"
}
]
}
} }

158
2014/3xxx/CVE-2014-3535.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-3535", "ID": "CVE-2014-3535",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "include/linux/netdevice.h in the Linux kernel before 2.6.36 incorrectly uses macros for netdev_printk and its related logging implementation, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) by sending invalid packets to a VxLAN interface."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=256df2f3879efdb2e9808bdb1b54b16fbb11fa38", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=256df2f3879efdb2e9808bdb1b54b16fbb11fa38" "lang": "eng",
}, "value": "include/linux/netdevice.h in the Linux kernel before 2.6.36 incorrectly uses macros for netdev_printk and its related logging implementation, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) by sending invalid packets to a VxLAN interface."
{ }
"name" : "http://mirror.linux.org.au/linux/kernel/v2.6/ChangeLog-2.6.36", ]
"refsource" : "CONFIRM", },
"url" : "http://mirror.linux.org.au/linux/kernel/v2.6/ChangeLog-2.6.36" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1114540", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1114540" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/torvalds/linux/commit/256df2f3879efdb2e9808bdb1b54b16fbb11fa38", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/torvalds/linux/commit/256df2f3879efdb2e9808bdb1b54b16fbb11fa38" ]
}, },
{ "references": {
"name" : "69721", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/69721" "name": "http://mirror.linux.org.au/linux/kernel/v2.6/ChangeLog-2.6.36",
} "refsource": "CONFIRM",
] "url": "http://mirror.linux.org.au/linux/kernel/v2.6/ChangeLog-2.6.36"
} },
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=256df2f3879efdb2e9808bdb1b54b16fbb11fa38",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=256df2f3879efdb2e9808bdb1b54b16fbb11fa38"
},
{
"name": "69721",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69721"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1114540",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1114540"
},
{
"name": "https://github.com/torvalds/linux/commit/256df2f3879efdb2e9808bdb1b54b16fbb11fa38",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/256df2f3879efdb2e9808bdb1b54b16fbb11fa38"
}
]
}
} }

32
2014/4xxx/CVE-2014-4173.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4173", "ID": "CVE-2014-4173",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

208
2014/4xxx/CVE-2014-4477.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2014-4477", "ID": "CVE-2014-4477",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4476 and CVE-2014-4479."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/HT204243", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/HT204243" "lang": "eng",
}, "value": "WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4476 and CVE-2014-4479."
{ }
"name" : "http://support.apple.com/HT204245", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/HT204245" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.apple.com/HT204246", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/HT204246" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://support.apple.com/kb/HT204949", ]
"refsource" : "CONFIRM", }
"url" : "https://support.apple.com/kb/HT204949" ]
}, },
{ "references": {
"name" : "APPLE-SA-2015-01-27-1", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html" "name": "1031647",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1031647"
"name" : "APPLE-SA-2015-01-27-2", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html" "name": "http://support.apple.com/HT204245",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/HT204245"
"name" : "APPLE-SA-2015-01-27-3", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00002.html" "name": "http://support.apple.com/HT204246",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/HT204246"
"name" : "APPLE-SA-2015-06-30-6", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html" "name": "APPLE-SA-2015-06-30-6",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html"
"name" : "72331", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/72331" "name": "http://support.apple.com/HT204243",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/HT204243"
"name" : "1031647", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031647" "name": "72331",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/72331"
} },
{
"name": "APPLE-SA-2015-01-27-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html"
},
{
"name": "APPLE-SA-2015-01-27-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00002.html"
},
{
"name": "https://support.apple.com/kb/HT204949",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT204949"
},
{
"name": "APPLE-SA-2015-01-27-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html"
}
]
}
} }

138
2014/8xxx/CVE-2014-8269.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-8269", "ID": "CVE-2014-8269",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple stack-based buffer overflows in (1) HWOPOSScale.ocx and (2) HWOPOSSCANNER.ocx in Honeywell OPOS Suite before 1.13.4.15 allow remote attackers to execute arbitrary code via a crafted file that is improperly handled by the Open method."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-14-423/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-14-423/" "lang": "eng",
}, "value": "Multiple stack-based buffer overflows in (1) HWOPOSScale.ocx and (2) HWOPOSSCANNER.ocx in Honeywell OPOS Suite before 1.13.4.15 allow remote attackers to execute arbitrary code via a crafted file that is improperly handled by the Open method."
{ }
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-14-424/", ]
"refsource" : "MISC", },
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-14-424/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#659684", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/659684" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-14-423/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-14-423/"
},
{
"name": "VU#659684",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/659684"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-14-424/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-14-424/"
}
]
}
} }

148
2014/8xxx/CVE-2014-8825.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2014-8825", "ID": "CVE-2014-8825",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The kernel in Apple OS X before 10.10.2 does not properly perform identitysvc validation of certain directory-service functionality, which allows local users to gain privileges or spoof directory-service responses via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/HT204244", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/HT204244" "lang": "eng",
}, "value": "The kernel in Apple OS X before 10.10.2 does not properly perform identitysvc validation of certain directory-service functionality, which allows local users to gain privileges or spoof directory-service responses via unspecified vectors."
{ }
"name" : "APPLE-SA-2015-01-27-4", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1031650", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031650" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "macosx-cve20148825-spoofing(100517)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100517" ]
} },
] "references": {
} "reference_data": [
{
"name": "1031650",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031650"
},
{
"name": "http://support.apple.com/HT204244",
"refsource": "CONFIRM",
"url": "http://support.apple.com/HT204244"
},
{
"name": "APPLE-SA-2015-01-27-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
},
{
"name": "macosx-cve20148825-spoofing(100517)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100517"
}
]
}
} }

32
2014/9xxx/CVE-2014-9107.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9107", "ID": "CVE-2014-9107",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

238
2014/9xxx/CVE-2014-9365.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9365", "ID": "CVE-2014-9365",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and (4) xmlrpclib libraries in CPython (aka Python) 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not (a) check the certificate against a trust store or verify that the server hostname matches a domain name in the subject's (b) Common Name or (c) subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20141211 CVE request: Python, standard library HTTP clients", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2014/12/11/1" "lang": "eng",
}, "value": "The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and (4) xmlrpclib libraries in CPython (aka Python) 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not (a) check the certificate against a trust store or verify that the server hostname matches a domain name in the subject's (b) Common Name or (c) subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate."
{ }
"name" : "http://bugs.python.org/issue22417", ]
"refsource" : "CONFIRM", },
"url" : "http://bugs.python.org/issue22417" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.python.org/dev/peps/pep-0476/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.python.org/dev/peps/pep-0476/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www.python.org/downloads/release/python-279/", ]
"refsource" : "CONFIRM", }
"url" : "https://www.python.org/downloads/release/python-279/" ]
}, },
{ "references": {
"name" : "https://support.apple.com/kb/HT205031", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/kb/HT205031" "name": "RHSA-2017:1162",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:1162"
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" "name": "https://www.python.org/dev/peps/pep-0476/",
}, "refsource": "CONFIRM",
{ "url": "https://www.python.org/dev/peps/pep-0476/"
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" "name": "71639",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/71639"
"name" : "APPLE-SA-2015-08-13-2", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" "name": "RHSA-2016:1166",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2016:1166"
"name" : "GLSA-201503-10", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201503-10" "name": "RHSA-2017:1868",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:1868"
"name" : "RHSA-2016:1166", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1166" "name": "http://bugs.python.org/issue22417",
}, "refsource": "CONFIRM",
{ "url": "http://bugs.python.org/issue22417"
"name" : "RHSA-2017:1162", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1162" "name": "GLSA-201503-10",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201503-10"
"name" : "RHSA-2017:1868", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1868" "name": "APPLE-SA-2015-08-13-2",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
"name" : "71639", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/71639" "name": "https://www.python.org/downloads/release/python-279/",
} "refsource": "CONFIRM",
] "url": "https://www.python.org/downloads/release/python-279/"
} },
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
},
{
"name": "[oss-security] 20141211 CVE request: Python, standard library HTTP clients",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/12/11/1"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
]
}
} }

128
2014/9xxx/CVE-2014-9507.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9507", "ID": "CVE-2014-9507",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "MediaWiki 1.21.x, 1.22.x before 1.22.14, and 1.23.x before 1.23.7, when $wgContentHandlerUseDB is enabled, allows remote attackers to conduct cross-site scripting (XSS) attacks by setting the content model for a revision to JS."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[MediaWiki-announce] 20141127 MediaWiki Security and Maintenance Releases: 1.23.7, 1.22.14 and 1.19.22", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-November/000170.html" "lang": "eng",
}, "value": "MediaWiki 1.21.x, 1.22.x before 1.22.14, and 1.23.x before 1.23.7, when $wgContentHandlerUseDB is enabled, allows remote attackers to conduct cross-site scripting (XSS) attacks by setting the content model for a revision to JS."
{ }
"name" : "https://phabricator.wikimedia.org/T72901", ]
"refsource" : "CONFIRM", },
"url" : "https://phabricator.wikimedia.org/T72901" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://phabricator.wikimedia.org/T72901",
"refsource": "CONFIRM",
"url": "https://phabricator.wikimedia.org/T72901"
},
{
"name": "[MediaWiki-announce] 20141127 MediaWiki Security and Maintenance Releases: 1.23.7, 1.22.14 and 1.19.22",
"refsource": "MLIST",
"url": "https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-November/000170.html"
}
]
}
} }

338
2014/9xxx/CVE-2014-9705.json
View File

@ -1,172 +1,172 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9705", "ID": "CVE-2014-9705",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150315 Re: CVE Request: PHP 5.6.6 changelog", "description_data": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2015/03/15/6" "lang": "eng",
}, "value": "Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries."
{ }
"name" : "https://www.htbridge.com/advisory/HTB23252", ]
"refsource" : "MISC", },
"url" : "https://www.htbridge.com/advisory/HTB23252" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://php.net/ChangeLog-5.php", "description": [
"refsource" : "CONFIRM", {
"url" : "http://php.net/ChangeLog-5.php" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugs.php.net/bug.php?id=68552", ]
"refsource" : "CONFIRM", }
"url" : "https://bugs.php.net/bug.php?id=68552" ]
}, },
{ "references": {
"name" : "http://svn.php.net/viewvc/pecl/enchant/trunk/enchant.c?r1=317600&r2=335803", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://svn.php.net/viewvc/pecl/enchant/trunk/enchant.c?r1=317600&r2=335803" "name": "DSA-3195",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3195"
"name" : "https://support.apple.com/HT205267", },
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT205267" "name": "USN-2535-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2535-1"
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" "name": "HPSBMU03409",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=144050155601375&w=2"
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html" "name": "https://bugs.php.net/bug.php?id=68552",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.php.net/bug.php?id=68552"
"name" : "APPLE-SA-2015-09-30-3", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html" "name": "openSUSE-SU-2015:0644",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00002.html"
"name" : "DSA-3195", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3195" "name": "https://www.htbridge.com/advisory/HTB23252",
}, "refsource": "MISC",
{ "url": "https://www.htbridge.com/advisory/HTB23252"
"name" : "GLSA-201606-10", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201606-10" "name": "APPLE-SA-2015-09-30-3",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
"name" : "HPSBMU03380", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=143748090628601&w=2" "name": "HPSBMU03380",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=143748090628601&w=2"
"name" : "HPSBMU03409", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=144050155601375&w=2" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
"name" : "MDVSA-2015:079", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:079" "name": "MDVSA-2015:079",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:079"
"name" : "RHSA-2015:1135", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1135.html" "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
"name" : "RHSA-2015:1053", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1053.html" "name": "http://php.net/ChangeLog-5.php",
}, "refsource": "CONFIRM",
{ "url": "http://php.net/ChangeLog-5.php"
"name" : "RHSA-2015:1066", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1066.html" "name": "SUSE-SU-2015:0868",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html"
"name" : "RHSA-2015:1218", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1218.html" "name": "http://svn.php.net/viewvc/pecl/enchant/trunk/enchant.c?r1=317600&r2=335803",
}, "refsource": "CONFIRM",
{ "url": "http://svn.php.net/viewvc/pecl/enchant/trunk/enchant.c?r1=317600&r2=335803"
"name" : "openSUSE-SU-2015:0644", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-04/msg00002.html" "name": "https://support.apple.com/HT205267",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/HT205267"
"name" : "SUSE-SU-2015:0868", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html" "name": "RHSA-2015:1135",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
"name" : "USN-2535-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2535-1" "name": "RHSA-2015:1053",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1053.html"
"name" : "73031", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/73031" "name": "[oss-security] 20150315 Re: CVE Request: PHP 5.6.6 changelog",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2015/03/15/6"
"name" : "1031948", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031948" "name": "73031",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/73031"
} },
{
"name": "1031948",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031948"
},
{
"name": "GLSA-201606-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-10"
},
{
"name": "RHSA-2015:1066",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1066.html"
},
{
"name": "RHSA-2015:1218",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"
}
]
}
} }

138
2014/9xxx/CVE-2014-9777.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2014-9777", "ID": "CVE-2014-9777",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The vid_dec_set_meta_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the number of buffers, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28598501 and Qualcomm internal bug CR563654."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://source.android.com/security/bulletin/2016-07-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://source.android.com/security/bulletin/2016-07-01.html" "lang": "eng",
}, "value": "The vid_dec_set_meta_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the number of buffers, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28598501 and Qualcomm internal bug CR563654."
{ }
"name" : "https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=17bfaf64ad503d2e6607d2d3e0956f25bf07eb43", ]
"refsource" : "CONFIRM", },
"url" : "https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=17bfaf64ad503d2e6607d2d3e0956f25bf07eb43" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "91628", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91628" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=17bfaf64ad503d2e6607d2d3e0956f25bf07eb43",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=17bfaf64ad503d2e6607d2d3e0956f25bf07eb43"
},
{
"name": "91628",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91628"
},
{
"name": "http://source.android.com/security/bulletin/2016-07-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-07-01.html"
}
]
}
} }

138
2014/9xxx/CVE-2014-9837.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9837", "ID": "CVE-2014-9837",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160602 Re: ImageMagick CVEs", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/06/02/13" "lang": "eng",
}, "value": "coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file."
{ }
"name" : "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26682", ]
"refsource" : "MISC", },
"url" : "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26682" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=7a7119c6fe19324ee17b8f756dae60c16e470ab2", "description": [
"refsource" : "CONFIRM", {
"url" : "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=7a7119c6fe19324ee17b8f756dae60c16e470ab2" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26682",
"refsource": "MISC",
"url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26682"
},
{
"name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=7a7119c6fe19324ee17b8f756dae60c16e470ab2",
"refsource": "CONFIRM",
"url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=7a7119c6fe19324ee17b8f756dae60c16e470ab2"
},
{
"name": "[oss-security] 20160602 Re: ImageMagick CVEs",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
}
]
}
} }

32
2016/2xxx/CVE-2016-2319.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-2319", "ID": "CVE-2016-2319",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2016/2xxx/CVE-2016-2623.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-2623", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-2623",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

32
2016/2xxx/CVE-2016-2671.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-2671", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-2671",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

138
2016/3xxx/CVE-2016-3647.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@symantec.com",
"ID" : "CVE-2016-3647", "ID": "CVE-2016-3647",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and trigger network traffic to arbitrary intranet hosts, via a crafted request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_01" "lang": "eng",
}, "value": "Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and trigger network traffic to arbitrary intranet hosts, via a crafted request."
{ }
"name" : "91433", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/91433" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1036196", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036196" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_01",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_01"
},
{
"name": "1036196",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036196"
},
{
"name": "91433",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91433"
}
]
}
} }

148
2016/6xxx/CVE-2016-6334.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-6334", "ID": "CVE-2016-6334",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Parser::replaceInternalLinks2 method in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving replacement of percent encoding in unclosed internal links."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[MediaWiki-announce] 20160823 Security Release - 1.27.1, 1.26.4, 1.23.15", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-August/000195.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the Parser::replaceInternalLinks2 method in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving replacement of percent encoding in unclosed internal links."
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1369613", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1369613" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://phabricator.wikimedia.org/T137264", "description": [
"refsource" : "CONFIRM", {
"url" : "https://phabricator.wikimedia.org/T137264" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "98057", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/98057" ]
} },
] "references": {
} "reference_data": [
{
"name": "98057",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98057"
},
{
"name": "[MediaWiki-announce] 20160823 Security Release - 1.27.1, 1.26.4, 1.23.15",
"refsource": "MLIST",
"url": "https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-August/000195.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1369613",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369613"
},
{
"name": "https://phabricator.wikimedia.org/T137264",
"refsource": "CONFIRM",
"url": "https://phabricator.wikimedia.org/T137264"
}
]
}
} }

198
2016/6xxx/CVE-2016-6602.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6602", "ID": "CVE-2016-6602",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which allows context-dependent attackers to obtain cleartext passwords by leveraging access to WEB-INF/conf/securitydbData.xml. NOTE: this issue can be combined with CVE-2016-6601 for a remote exploit."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160808 [CVE-2016-6600/1/2/3]: Multiple vulnerabilities (RCE, file download, etc) in WebNMS Framework 5.2 / 5.2 SP1", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/539159/100/0/threaded" "lang": "eng",
}, "value": "ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which allows context-dependent attackers to obtain cleartext passwords by leveraging access to WEB-INF/conf/securitydbData.xml. NOTE: this issue can be combined with CVE-2016-6601 for a remote exploit."
{ }
"name" : "40229", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/40229/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20160812 [CVE-2016-6600/1/2/3]: Multiple vulnerabilities (RCE, file download, etc) in WebNMS Framework 5.2 / 5.2 SP1", "description": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2016/Aug/54" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://packetstormsecurity.com/files/138244/WebNMS-Framework-5.2-SP1-Traversal-Weak-Obfuscation-User-Impersonation.html", ]
"refsource" : "MISC", }
"url" : "http://packetstormsecurity.com/files/138244/WebNMS-Framework-5.2-SP1-Traversal-Weak-Obfuscation-User-Impersonation.html" ]
}, },
{ "references": {
"name" : "http://www.rapid7.com/db/modules/auxiliary/admin/http/webnms_cred_disclosure", "reference_data": [
"refsource" : "MISC", {
"url" : "http://www.rapid7.com/db/modules/auxiliary/admin/http/webnms_cred_disclosure" "name": "20160812 [CVE-2016-6600/1/2/3]: Multiple vulnerabilities (RCE, file download, etc) in WebNMS Framework 5.2 / 5.2 SP1",
}, "refsource": "FULLDISC",
{ "url": "http://seclists.org/fulldisclosure/2016/Aug/54"
"name" : "https://blogs.securiteam.com/index.php/archives/2712", },
"refsource" : "MISC", {
"url" : "https://blogs.securiteam.com/index.php/archives/2712" "name": "https://forums.webnms.com/topic/recent-vulnerabilities-in-webnms-and-how-to-protect-the-server-against-them",
}, "refsource": "CONFIRM",
{ "url": "https://forums.webnms.com/topic/recent-vulnerabilities-in-webnms-and-how-to-protect-the-server-against-them"
"name" : "https://github.com/pedrib/PoC/blob/master/advisories/webnms-5.2-sp1-pwn.txt", },
"refsource" : "MISC", {
"url" : "https://github.com/pedrib/PoC/blob/master/advisories/webnms-5.2-sp1-pwn.txt" "name": "92402",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/92402"
"name" : "https://forums.webnms.com/topic/recent-vulnerabilities-in-webnms-and-how-to-protect-the-server-against-them", },
"refsource" : "CONFIRM", {
"url" : "https://forums.webnms.com/topic/recent-vulnerabilities-in-webnms-and-how-to-protect-the-server-against-them" "name": "40229",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/40229/"
"name" : "92402", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92402" "name": "20160808 [CVE-2016-6600/1/2/3]: Multiple vulnerabilities (RCE, file download, etc) in WebNMS Framework 5.2 / 5.2 SP1",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/539159/100/0/threaded"
} },
{
"name": "http://www.rapid7.com/db/modules/auxiliary/admin/http/webnms_cred_disclosure",
"refsource": "MISC",
"url": "http://www.rapid7.com/db/modules/auxiliary/admin/http/webnms_cred_disclosure"
},
{
"name": "http://packetstormsecurity.com/files/138244/WebNMS-Framework-5.2-SP1-Traversal-Weak-Obfuscation-User-Impersonation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/138244/WebNMS-Framework-5.2-SP1-Traversal-Weak-Obfuscation-User-Impersonation.html"
},
{
"name": "https://blogs.securiteam.com/index.php/archives/2712",
"refsource": "MISC",
"url": "https://blogs.securiteam.com/index.php/archives/2712"
},
{
"name": "https://github.com/pedrib/PoC/blob/master/advisories/webnms-5.2-sp1-pwn.txt",
"refsource": "MISC",
"url": "https://github.com/pedrib/PoC/blob/master/advisories/webnms-5.2-sp1-pwn.txt"
}
]
}
} }

158
2016/6xxx/CVE-2016-6766.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-6766", "ID": "CVE-2016-6766",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Android-4.4.4" "version_value": "Android-4.4.4"
}, },
{ {
"version_value" : "Android-5.0.2" "version_value": "Android-5.0.2"
}, },
{ {
"version_value" : "Android-5.1.1" "version_value": "Android-5.1.1"
}, },
{ {
"version_value" : "Android-6.0" "version_value": "Android-6.0"
}, },
{ {
"version_value" : "Android-6.0.1" "version_value": "Android-6.0.1"
}, },
{ {
"version_value" : "Android-7.0" "version_value": "Android-7.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A denial of service vulnerability in libmedia and libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-31318219."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of service"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2016-12-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2016-12-01.html" "lang": "eng",
}, "value": "A denial of service vulnerability in libmedia and libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-31318219."
{ }
"name" : "94688", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/94688" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "Denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94688",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94688"
},
{
"name": "https://source.android.com/security/bulletin/2016-12-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2016-12-01.html"
}
]
}
} }

128
2016/6xxx/CVE-2016-6935.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-6935", "ID": "CVE-2016-6935",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.8.0.310 on Windows allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/creative-cloud/apsb16-34.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/creative-cloud/apsb16-34.html" "lang": "eng",
}, "value": "Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.8.0.310 on Windows allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory."
{ }
"name" : "93489", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93489" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93489",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93489"
},
{
"name": "https://helpx.adobe.com/security/products/creative-cloud/apsb16-34.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/creative-cloud/apsb16-34.html"
}
]
}
} }

148
2016/6xxx/CVE-2016-6936.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-6936", "ID": "CVE-2016-6936",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe AIR SDK & Compiler before 23.0.0.257 on Windows does not support Android runtime-analytics transport security, which might allow remote attackers to obtain sensitive information by leveraging access to a network over which analytics data is sent."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://wwws.nightwatchcybersecurity.com/2016/09/14/advisory-insecure-transmission-of-data-in-android-applications-developed-with-adobe-air-cve-2016-6936/", "description_data": [
"refsource" : "MISC", {
"url" : "https://wwws.nightwatchcybersecurity.com/2016/09/14/advisory-insecure-transmission-of-data-in-android-applications-developed-with-adobe-air-cve-2016-6936/" "lang": "eng",
}, "value": "Adobe AIR SDK & Compiler before 23.0.0.257 on Windows does not support Android runtime-analytics transport security, which might allow remote attackers to obtain sensitive information by leveraging access to a network over which analytics data is sent."
{ }
"name" : "https://helpx.adobe.com/security/products/air/apsb16-31.html", ]
"refsource" : "CONFIRM", },
"url" : "https://helpx.adobe.com/security/products/air/apsb16-31.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "92926", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92926" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1036792", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1036792" ]
} },
] "references": {
} "reference_data": [
{
"name": "https://helpx.adobe.com/security/products/air/apsb16-31.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/air/apsb16-31.html"
},
{
"name": "92926",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92926"
},
{
"name": "1036792",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036792"
},
{
"name": "https://wwws.nightwatchcybersecurity.com/2016/09/14/advisory-insecure-transmission-of-data-in-android-applications-developed-with-adobe-air-cve-2016-6936/",
"refsource": "MISC",
"url": "https://wwws.nightwatchcybersecurity.com/2016/09/14/advisory-insecure-transmission-of-data-in-android-applications-developed-with-adobe-air-cve-2016-6936/"
}
]
}
} }

188
2016/7xxx/CVE-2016-7042.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-7042", "ID": "CVE-2016-7042",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20161013 kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/10/13/5" "lang": "eng",
}, "value": "The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file."
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1373966", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1373966" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://source.android.com/security/bulletin/2017-01-01.html", "description": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-01-01.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2017:2669", ]
"refsource" : "REDHAT", }
"url" : "https://access.redhat.com/errata/RHSA-2017:2669" ]
}, },
{ "references": {
"name" : "RHSA-2017:0817", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0817.html" "name": "https://source.android.com/security/bulletin/2017-01-01.html",
}, "refsource": "CONFIRM",
{ "url": "https://source.android.com/security/bulletin/2017-01-01.html"
"name" : "RHSA-2017:1842", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1842" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1373966",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1373966"
"name" : "RHSA-2017:2077", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:2077" "name": "[oss-security] 20161013 kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2016/10/13/5"
"name" : "93544", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93544" "name": "RHSA-2017:2669",
} "refsource": "REDHAT",
] "url": "https://access.redhat.com/errata/RHSA-2017:2669"
} },
{
"name": "RHSA-2017:0817",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html"
},
{
"name": "RHSA-2017:2077",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"name": "RHSA-2017:1842",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"name": "93544",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93544"
}
]
}
} }

32
2016/7xxx/CVE-2016-7327.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-7327", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-7327",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

128
2016/7xxx/CVE-2016-7506.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-7506", "ID": "CVE-2016-7506",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An out-of-bounds read vulnerability was observed in Sp_replace_regexp function of Artifex Software, Inc. MuJS before 5000749f5afe3b956fc916e407309de840997f4a. A successful exploitation of this issue can lead to code execution or denial of service condition."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://bugs.ghostscript.com/show_bug.cgi?id=697141", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://bugs.ghostscript.com/show_bug.cgi?id=697141" "lang": "eng",
}, "value": "An out-of-bounds read vulnerability was observed in Sp_replace_regexp function of Artifex Software, Inc. MuJS before 5000749f5afe3b956fc916e407309de840997f4a. A successful exploitation of this issue can lead to code execution or denial of service condition."
{ }
"name" : "94241", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/94241" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bugs.ghostscript.com/show_bug.cgi?id=697141",
"refsource": "CONFIRM",
"url": "http://bugs.ghostscript.com/show_bug.cgi?id=697141"
},
{
"name": "94241",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94241"
}
]
}
} }

198
2016/7xxx/CVE-2016-7945.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@suse.com",
"ID" : "CVE-2016-7945", "ID": "CVE-2016-7945",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/10/04/4" "lang": "eng",
}, "value": "Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields."
{ }
"name" : "[oss-security] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/10/04/2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries", "description": [
"refsource" : "MLIST", {
"url" : "https://lists.x.org/archives/xorg-announce/2016-October/002720.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5", ]
"refsource" : "CONFIRM", }
"url" : "https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5" ]
}, },
{ "references": {
"name" : "FEDORA-2016-8b122b0997", "reference_data": [
"refsource" : "FEDORA", {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3NTWIWSQ575GREBVAOUQUIMDL5CDVGP/" "name": "FEDORA-2016-8b122b0997",
}, "refsource": "FEDORA",
{ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3NTWIWSQ575GREBVAOUQUIMDL5CDVGP/"
"name" : "FEDORA-2016-cabb6d7ef7", },
"refsource" : "FEDORA", {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVTZ2XLPKLASQUIQA2GMKKAUOQIUMM7I/" "name": "1036945",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1036945"
"name" : "GLSA-201704-03", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201704-03" "name": "GLSA-201704-03",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201704-03"
"name" : "93364", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93364" "name": "https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5",
}, "refsource": "CONFIRM",
{ "url": "https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5"
"name" : "1036945", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036945" "name": "[xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
} "refsource": "MLIST",
] "url": "https://lists.x.org/archives/xorg-announce/2016-October/002720.html"
} },
{
"name": "FEDORA-2016-cabb6d7ef7",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVTZ2XLPKLASQUIQA2GMKKAUOQIUMM7I/"
},
{
"name": "[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/04/4"
},
{
"name": "[oss-security] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/04/2"
},
{
"name": "93364",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93364"
}
]
}
} }