diff --git a/2019/0xxx/CVE-2019-0540.json b/2019/0xxx/CVE-2019-0540.json index e007d532139..ec6bfccb662 100644 --- a/2019/0xxx/CVE-2019-0540.json +++ b/2019/0xxx/CVE-2019-0540.json @@ -1,130 +1,132 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0540", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Office", - "version": { - "version_data": [ - { - "version_value": "2010 Service Pack 2 (32-bit editions)" - }, - { - "version_value": "2010 Service Pack 2 (64-bit editions)" - }, - { - "version_value": "2013 Service Pack 1 (32-bit editions)" - }, - { - "version_value": "2013 Service Pack 1 (64-bit editions)" - }, - { - "version_value": "2013 RT Service Pack 1" - }, - { - "version_value": "2016 (32-bit edition)" - }, - { - "version_value": "2016 (64-bit edition)" - }, - { - "version_value": "2019 for 32-bit editions" - }, - { - "version_value": "2019 for 64-bit editions" - }, - { - "version_value": "Word Viewer" - } - ] - } - }, - { - "product_name": "Microsoft Excel Viewer", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Office 365 ProPlus", - "version": { - "version_data": [ - { - "version_value": "32-bit Systems" - }, - { - "version_value": "64-bit Systems" - } - ] - } - }, - { - "product_name": "Microsoft PowerPoint Viewer", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft Office Compatibility Pack", - "version": { - "version_data": [ - { - "version_value": "Service Pack 3" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A security feature bypass vulnerability exists when Microsoft Office does not validate URLs.An attacker could send a victim a specially crafted file, which could trick the victim into entering credentials, aka \u0027Microsoft Office Security Feature Bypass Vulnerability\u0027." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Security Feature Bypass" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0540" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0540", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Office", + "version" : { + "version_data" : [ + { + "version_value" : "2010 Service Pack 2 (32-bit editions)" + }, + { + "version_value" : "2010 Service Pack 2 (64-bit editions)" + }, + { + "version_value" : "2013 Service Pack 1 (32-bit editions)" + }, + { + "version_value" : "2013 Service Pack 1 (64-bit editions)" + }, + { + "version_value" : "2013 RT Service Pack 1" + }, + { + "version_value" : "2016 (32-bit edition)" + }, + { + "version_value" : "2016 (64-bit edition)" + }, + { + "version_value" : "2019 for 32-bit editions" + }, + { + "version_value" : "2019 for 64-bit editions" + }, + { + "version_value" : "Word Viewer" + } + ] + } + }, + { + "product_name" : "Microsoft Excel Viewer", + "version" : { + "version_data" : [ + { + "version_value" : "" + } + ] + } + }, + { + "product_name" : "Office 365 ProPlus", + "version" : { + "version_data" : [ + { + "version_value" : "32-bit Systems" + }, + { + "version_value" : "64-bit Systems" + } + ] + } + }, + { + "product_name" : "Microsoft PowerPoint Viewer", + "version" : { + "version_data" : [ + { + "version_value" : "" + } + ] + } + }, + { + "product_name" : "Microsoft Office Compatibility Pack", + "version" : { + "version_data" : [ + { + "version_value" : "Service Pack 3" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A security feature bypass vulnerability exists when Microsoft Office does not validate URLs.An attacker could send a victim a specially crafted file, which could trick the victim into entering credentials, aka 'Microsoft Office Security Feature Bypass Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Security Feature Bypass" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0540", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0540" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0590.json b/2019/0xxx/CVE-2019-0590.json index d1ac7f2eea1..c38fc9aa3e1 100644 --- a/2019/0xxx/CVE-2019-0590.json +++ b/2019/0xxx/CVE-2019-0590.json @@ -1,118 +1,120 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0590", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Edge", - "version": { - "version_data": [ - { - "version_value": "Windows 10 for 32-bit Systems" - }, - { - "version_value": "Windows 10 for x64-based Systems" - }, - { - "version_value": "Windows Server 2016" - }, - { - "version_value": "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "ChakraCore", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0590" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0590", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Edge", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 for x64-based Systems" + }, + { + "version_value" : "Windows Server 2016" + }, + { + "version_value" : "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "ChakraCore", + "version" : { + "version_data" : [ + { + "version_value" : "" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0590", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0590" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0591.json b/2019/0xxx/CVE-2019-0591.json index 9fb250a91bf..c078af69a8b 100644 --- a/2019/0xxx/CVE-2019-0591.json +++ b/2019/0xxx/CVE-2019-0591.json @@ -1,118 +1,120 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0591", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Edge", - "version": { - "version_data": [ - { - "version_value": "Windows 10 for 32-bit Systems" - }, - { - "version_value": "Windows 10 for x64-based Systems" - }, - { - "version_value": "Windows Server 2016" - }, - { - "version_value": "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "ChakraCore", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0591" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0591", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Edge", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 for x64-based Systems" + }, + { + "version_value" : "Windows Server 2016" + }, + { + "version_value" : "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "ChakraCore", + "version" : { + "version_data" : [ + { + "version_value" : "" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0591", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0591" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0593.json b/2019/0xxx/CVE-2019-0593.json index a47121ab3a3..aedb10fdf23 100644 --- a/2019/0xxx/CVE-2019-0593.json +++ b/2019/0xxx/CVE-2019-0593.json @@ -1,118 +1,120 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0593", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Edge", - "version": { - "version_data": [ - { - "version_value": "Windows 10 for 32-bit Systems" - }, - { - "version_value": "Windows 10 for x64-based Systems" - }, - { - "version_value": "Windows Server 2016" - }, - { - "version_value": "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "ChakraCore", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0593" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0593", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Edge", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 for x64-based Systems" + }, + { + "version_value" : "Windows Server 2016" + }, + { + "version_value" : "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "ChakraCore", + "version" : { + "version_data" : [ + { + "version_value" : "" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0593", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0593" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0594.json b/2019/0xxx/CVE-2019-0594.json index bf685073aea..c947007bba7 100644 --- a/2019/0xxx/CVE-2019-0594.json +++ b/2019/0xxx/CVE-2019-0594.json @@ -1,83 +1,85 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0594", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft SharePoint Server", - "version": { - "version_data": [ - { - "version_value": "2010 Service Pack 2" - }, - { - "version_value": "2019" - } - ] - } - }, - { - "product_name": "Microsoft SharePoint Foundation", - "version": { - "version_data": [ - { - "version_value": "2013 Service Pack 1" - } - ] - } - }, - { - "product_name": "Microsoft SharePoint Enterprise Server", - "version": { - "version_data": [ - { - "version_value": "2016" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka \u0027Microsoft SharePoint Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-0604." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0594" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0594", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft SharePoint Server", + "version" : { + "version_data" : [ + { + "version_value" : "2010 Service Pack 2" + }, + { + "version_value" : "2019" + } + ] + } + }, + { + "product_name" : "Microsoft SharePoint Foundation", + "version" : { + "version_data" : [ + { + "version_value" : "2013 Service Pack 1" + } + ] + } + }, + { + "product_name" : "Microsoft SharePoint Enterprise Server", + "version" : { + "version_data" : [ + { + "version_value" : "2016" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0604." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0594", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0594" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0595.json b/2019/0xxx/CVE-2019-0595.json index ecaefca9d2d..0b672b66e99 100644 --- a/2019/0xxx/CVE-2019-0595.json +++ b/2019/0xxx/CVE-2019-0595.json @@ -1,178 +1,180 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0595", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - }, - { - "version_value": "2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka \u0027Jet Database Engine Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-0596, CVE-2019-0597, CVE-2019-0598, CVE-2019-0599, CVE-2019-0625." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0595" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0595", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + }, + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + }, + { + "version_value" : "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0596, CVE-2019-0597, CVE-2019-0598, CVE-2019-0599, CVE-2019-0625." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0595", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0595" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0596.json b/2019/0xxx/CVE-2019-0596.json index f296b10593e..cf0ea10e6da 100644 --- a/2019/0xxx/CVE-2019-0596.json +++ b/2019/0xxx/CVE-2019-0596.json @@ -1,178 +1,180 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0596", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - }, - { - "version_value": "2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka \u0027Jet Database Engine Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-0595, CVE-2019-0597, CVE-2019-0598, CVE-2019-0599, CVE-2019-0625." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0596" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0596", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + }, + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + }, + { + "version_value" : "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0595, CVE-2019-0597, CVE-2019-0598, CVE-2019-0599, CVE-2019-0625." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0596", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0596" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0597.json b/2019/0xxx/CVE-2019-0597.json index ea586061048..e970bfc3f58 100644 --- a/2019/0xxx/CVE-2019-0597.json +++ b/2019/0xxx/CVE-2019-0597.json @@ -1,178 +1,180 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0597", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - }, - { - "version_value": "2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka \u0027Jet Database Engine Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-0595, CVE-2019-0596, CVE-2019-0598, CVE-2019-0599, CVE-2019-0625." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0597" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0597", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + }, + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + }, + { + "version_value" : "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0595, CVE-2019-0596, CVE-2019-0598, CVE-2019-0599, CVE-2019-0625." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0597", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0597" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0598.json b/2019/0xxx/CVE-2019-0598.json index 85fddad1e32..934cbc35478 100644 --- a/2019/0xxx/CVE-2019-0598.json +++ b/2019/0xxx/CVE-2019-0598.json @@ -1,178 +1,180 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0598", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - }, - { - "version_value": "2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka \u0027Jet Database Engine Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-0595, CVE-2019-0596, CVE-2019-0597, CVE-2019-0599, CVE-2019-0625." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0598" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0598", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + }, + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + }, + { + "version_value" : "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0595, CVE-2019-0596, CVE-2019-0597, CVE-2019-0599, CVE-2019-0625." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0598", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0598" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0599.json b/2019/0xxx/CVE-2019-0599.json index 5ea888e4822..1c1c0d064a7 100644 --- a/2019/0xxx/CVE-2019-0599.json +++ b/2019/0xxx/CVE-2019-0599.json @@ -1,178 +1,180 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0599", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - }, - { - "version_value": "2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka \u0027Jet Database Engine Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-0595, CVE-2019-0596, CVE-2019-0597, CVE-2019-0598, CVE-2019-0625." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0599" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0599", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + }, + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + }, + { + "version_value" : "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0595, CVE-2019-0596, CVE-2019-0597, CVE-2019-0598, CVE-2019-0625." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0599", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0599" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0600.json b/2019/0xxx/CVE-2019-0600.json index ea92a970802..cfe94ca8a07 100644 --- a/2019/0xxx/CVE-2019-0600.json +++ b/2019/0xxx/CVE-2019-0600.json @@ -1,178 +1,180 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0600", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - }, - { - "version_value": "2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka \u0027HID Information Disclosure Vulnerability\u0027. This CVE ID is unique from CVE-2019-0601." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information Disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0600" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0600", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + }, + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + }, + { + "version_value" : "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka 'HID Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0601." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0600", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0600" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0601.json b/2019/0xxx/CVE-2019-0601.json index d9eeb93faf9..d416bc3c002 100644 --- a/2019/0xxx/CVE-2019-0601.json +++ b/2019/0xxx/CVE-2019-0601.json @@ -1,178 +1,180 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0601", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - }, - { - "version_value": "2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka \u0027HID Information Disclosure Vulnerability\u0027. This CVE ID is unique from CVE-2019-0600." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information Disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0601" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0601", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + }, + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + }, + { + "version_value" : "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka 'HID Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0600." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0601", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0601" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0602.json b/2019/0xxx/CVE-2019-0602.json index f96b463e78a..2f1c9a8acad 100644 --- a/2019/0xxx/CVE-2019-0602.json +++ b/2019/0xxx/CVE-2019-0602.json @@ -1,178 +1,180 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0602", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - }, - { - "version_value": "2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka \u0027Windows GDI Information Disclosure Vulnerability\u0027. This CVE ID is unique from CVE-2019-0615, CVE-2019-0616, CVE-2019-0619, CVE-2019-0660, CVE-2019-0664." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information Disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0602" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0602", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + }, + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + }, + { + "version_value" : "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0615, CVE-2019-0616, CVE-2019-0619, CVE-2019-0660, CVE-2019-0664." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0602", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0602" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0604.json b/2019/0xxx/CVE-2019-0604.json index 0466166296b..a2b4dbc8877 100644 --- a/2019/0xxx/CVE-2019-0604.json +++ b/2019/0xxx/CVE-2019-0604.json @@ -1,83 +1,85 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0604", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft SharePoint Server", - "version": { - "version_data": [ - { - "version_value": "2010 Service Pack 2" - }, - { - "version_value": "2019" - } - ] - } - }, - { - "product_name": "Microsoft SharePoint Foundation", - "version": { - "version_data": [ - { - "version_value": "2013 Service Pack 1" - } - ] - } - }, - { - "product_name": "Microsoft SharePoint Enterprise Server", - "version": { - "version_data": [ - { - "version_value": "2016" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka \u0027Microsoft SharePoint Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-0594." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0604" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0604", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft SharePoint Server", + "version" : { + "version_data" : [ + { + "version_value" : "2010 Service Pack 2" + }, + { + "version_value" : "2019" + } + ] + } + }, + { + "product_name" : "Microsoft SharePoint Foundation", + "version" : { + "version_data" : [ + { + "version_value" : "2013 Service Pack 1" + } + ] + } + }, + { + "product_name" : "Microsoft SharePoint Enterprise Server", + "version" : { + "version_data" : [ + { + "version_value" : "2016" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0604", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0604" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0605.json b/2019/0xxx/CVE-2019-0605.json index 4fb3ef9ccfd..63c3d1dec31 100644 --- a/2019/0xxx/CVE-2019-0605.json +++ b/2019/0xxx/CVE-2019-0605.json @@ -1,118 +1,120 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0605", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Edge", - "version": { - "version_data": [ - { - "version_value": "Windows 10 for 32-bit Systems" - }, - { - "version_value": "Windows 10 for x64-based Systems" - }, - { - "version_value": "Windows Server 2016" - }, - { - "version_value": "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "ChakraCore", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0605" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0605", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Edge", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 for x64-based Systems" + }, + { + "version_value" : "Windows Server 2016" + }, + { + "version_value" : "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "ChakraCore", + "version" : { + "version_data" : [ + { + "version_value" : "" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0605", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0605" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0606.json b/2019/0xxx/CVE-2019-0606.json index bc629dedbc9..d47ded4f632 100644 --- a/2019/0xxx/CVE-2019-0606.json +++ b/2019/0xxx/CVE-2019-0606.json @@ -1,129 +1,131 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0606", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Internet Explorer 11", - "version": { - "version_data": [ - { - "version_value": "Windows 7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "Windows 7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "Windows 8.1 for 32-bit systems" - }, - { - "version_value": "Windows 8.1 for x64-based systems" - }, - { - "version_value": "Windows Server 2012 R2" - }, - { - "version_value": "Windows RT 8.1" - }, - { - "version_value": "Windows 10 for 32-bit Systems" - }, - { - "version_value": "Windows 10 for x64-based Systems" - }, - { - "version_value": "Windows Server 2016" - }, - { - "version_value": "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka \u0027Internet Explorer Memory Corruption Vulnerability\u0027." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0606" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0606", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Internet Explorer 11", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "Windows 7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "Windows 8.1 for 32-bit systems" + }, + { + "version_value" : "Windows 8.1 for x64-based systems" + }, + { + "version_value" : "Windows Server 2012 R2" + }, + { + "version_value" : "Windows RT 8.1" + }, + { + "version_value" : "Windows 10 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 for x64-based Systems" + }, + { + "version_value" : "Windows Server 2016" + }, + { + "version_value" : "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0606", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0606" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0607.json b/2019/0xxx/CVE-2019-0607.json index a4d6682ad4e..44ed02d5627 100644 --- a/2019/0xxx/CVE-2019-0607.json +++ b/2019/0xxx/CVE-2019-0607.json @@ -1,97 +1,99 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0607", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Edge", - "version": { - "version_data": [ - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "ChakraCore", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0607" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0607", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Edge", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "ChakraCore", + "version" : { + "version_data" : [ + { + "version_value" : "" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0607", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0607" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0610.json b/2019/0xxx/CVE-2019-0610.json index 39fdcf9d029..481b14bb55f 100644 --- a/2019/0xxx/CVE-2019-0610.json +++ b/2019/0xxx/CVE-2019-0610.json @@ -1,103 +1,105 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0610", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Edge", - "version": { - "version_data": [ - { - "version_value": "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "ChakraCore", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0610" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0610", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Edge", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "ChakraCore", + "version" : { + "version_data" : [ + { + "version_value" : "" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0610", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0610" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0613.json b/2019/0xxx/CVE-2019-0613.json index ccd5488a982..c9b7284442e 100644 --- a/2019/0xxx/CVE-2019-0613.json +++ b/2019/0xxx/CVE-2019-0613.json @@ -1,400 +1,402 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0613", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft .NET Framework 4.5.2", - "version": { - "version_data": [ - { - "version_value": "Windows 7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "Windows 7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" - }, - { - "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "Windows Server 2012" - }, - { - "version_value": "Windows Server 2012 (Server Core installation)" - }, - { - "version_value": "Windows 8.1 for 32-bit systems" - }, - { - "version_value": "Windows 8.1 for x64-based systems" - }, - { - "version_value": "Windows Server 2012 R2" - }, - { - "version_value": "Windows RT 8.1" - }, - { - "version_value": "Windows Server 2012 R2 (Server Core installation)" - }, - { - "version_value": "Windows Server 2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "Windows Server 2008 for x64-based Systems Service Pack 2" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.6", - "version": { - "version_data": [ - { - "version_value": "Windows Server 2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "Windows Server 2008 for x64-based Systems Service Pack 2" - } - ] - } - }, - { - "product_name": "Microsoft Visual Studio", - "version": { - "version_data": [ - { - "version_value": "2017" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.7.2", - "version": { - "version_data": [ - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows Server, version 1803 (Server Core Installation)" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows Server 2019 (Server Core installation)" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.6/4.6.1/4.6.2", - "version": { - "version_data": [ - { - "version_value": "Windows 10 for 32-bit Systems" - }, - { - "version_value": "Windows 10 for x64-based Systems" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2", - "version": { - "version_data": [ - { - "version_value": "Windows 7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "Windows 7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" - }, - { - "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "Windows Server 2012" - }, - { - "version_value": "Windows Server 2012 (Server Core installation)" - }, - { - "version_value": "Windows 8.1 for 32-bit systems" - }, - { - "version_value": "Windows 8.1 for x64-based systems" - }, - { - "version_value": "Windows Server 2012 R2" - }, - { - "version_value": "Windows RT 8.1" - }, - { - "version_value": "Windows Server 2012 R2 (Server Core installation)" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", - "version": { - "version_data": [ - { - "version_value": "Windows Server 2016" - }, - { - "version_value": "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value": "Windows Server 2016 (Server Core installation)" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.7/4.7.1/4.7.2", - "version": { - "version_data": [ - { - "version_value": "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1703 for x64-based Systems" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.7.1/4.7.2", - "version": { - "version_data": [ - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows Server, version 1709 (Server Core Installation)" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Microsoft Visual Studio 2017", - "version": { - "version_data": [ - { - "version_value": "version 15.9" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 3.5", - "version": { - "version_data": [ - { - "version_value": "Windows Server 2012" - }, - { - "version_value": "Windows Server 2012 (Server Core installation)" - }, - { - "version_value": "Windows 8.1 for 32-bit systems" - }, - { - "version_value": "Windows 8.1 for x64-based systems" - }, - { - "version_value": "Windows Server 2012 R2" - }, - { - "version_value": "Windows Server 2012 R2 (Server Core installation)" - }, - { - "version_value": "Windows 10 for 32-bit Systems" - }, - { - "version_value": "Windows 10 for x64-based Systems" - }, - { - "version_value": "Windows Server 2016" - }, - { - "version_value": "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value": "Windows Server 2016 (Server Core installation)" - }, - { - "version_value": "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows Server, version 1709 (Server Core Installation)" - }, - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows Server, version 1803 (Server Core Installation)" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows Server 2019 (Server Core installation)" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 3.0", - "version": { - "version_data": [ - { - "version_value": "Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 2.0", - "version": { - "version_data": [ - { - "version_value": "Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 3.5.1", - "version": { - "version_data": [ - { - "version_value": "Windows 7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "Windows 7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" - }, - { - "version_value": "Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists in .NET Framework and Visual Studio software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka \u0027.NET Framework and Visual Studio Remote Code Execution Vulnerability\u0027." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0613" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0613", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft .NET Framework 4.5.2", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "Windows 7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" + }, + { + "version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "Windows Server 2012" + }, + { + "version_value" : "Windows Server 2012 (Server Core installation)" + }, + { + "version_value" : "Windows 8.1 for 32-bit systems" + }, + { + "version_value" : "Windows 8.1 for x64-based systems" + }, + { + "version_value" : "Windows Server 2012 R2" + }, + { + "version_value" : "Windows RT 8.1" + }, + { + "version_value" : "Windows Server 2012 R2 (Server Core installation)" + }, + { + "version_value" : "Windows Server 2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "Windows Server 2008 for x64-based Systems Service Pack 2" + } + ] + } + }, + { + "product_name" : "Microsoft .NET Framework 4.6", + "version" : { + "version_data" : [ + { + "version_value" : "Windows Server 2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "Windows Server 2008 for x64-based Systems Service Pack 2" + } + ] + } + }, + { + "product_name" : "Microsoft Visual Studio", + "version" : { + "version_data" : [ + { + "version_value" : "2017" + } + ] + } + }, + { + "product_name" : "Microsoft .NET Framework 4.7.2", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows Server, version 1803 (Server Core Installation)" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows Server 2019 (Server Core installation)" + } + ] + } + }, + { + "product_name" : "Microsoft .NET Framework 4.6/4.6.1/4.6.2", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 for x64-based Systems" + } + ] + } + }, + { + "product_name" : "Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "Windows 7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" + }, + { + "version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "Windows Server 2012" + }, + { + "version_value" : "Windows Server 2012 (Server Core installation)" + }, + { + "version_value" : "Windows 8.1 for 32-bit systems" + }, + { + "version_value" : "Windows 8.1 for x64-based systems" + }, + { + "version_value" : "Windows Server 2012 R2" + }, + { + "version_value" : "Windows RT 8.1" + }, + { + "version_value" : "Windows Server 2012 R2 (Server Core installation)" + } + ] + } + }, + { + "product_name" : "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", + "version" : { + "version_data" : [ + { + "version_value" : "Windows Server 2016" + }, + { + "version_value" : "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "Windows Server 2016 (Server Core installation)" + } + ] + } + }, + { + "product_name" : "Microsoft .NET Framework 4.7/4.7.1/4.7.2", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for x64-based Systems" + } + ] + } + }, + { + "product_name" : "Microsoft .NET Framework 4.7.1/4.7.2", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows Server, version 1709 (Server Core Installation)" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Microsoft Visual Studio 2017", + "version" : { + "version_data" : [ + { + "version_value" : "version 15.9" + } + ] + } + }, + { + "product_name" : "Microsoft .NET Framework 3.5", + "version" : { + "version_data" : [ + { + "version_value" : "Windows Server 2012" + }, + { + "version_value" : "Windows Server 2012 (Server Core installation)" + }, + { + "version_value" : "Windows 8.1 for 32-bit systems" + }, + { + "version_value" : "Windows 8.1 for x64-based systems" + }, + { + "version_value" : "Windows Server 2012 R2" + }, + { + "version_value" : "Windows Server 2012 R2 (Server Core installation)" + }, + { + "version_value" : "Windows 10 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 for x64-based Systems" + }, + { + "version_value" : "Windows Server 2016" + }, + { + "version_value" : "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "Windows Server 2016 (Server Core installation)" + }, + { + "version_value" : "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows Server, version 1709 (Server Core Installation)" + }, + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows Server, version 1803 (Server Core Installation)" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows Server 2019 (Server Core installation)" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Microsoft .NET Framework 3.0", + "version" : { + "version_data" : [ + { + "version_value" : "Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2" + } + ] + } + }, + { + "product_name" : "Microsoft .NET Framework 2.0", + "version" : { + "version_data" : [ + { + "version_value" : "Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2" + } + ] + } + }, + { + "product_name" : "Microsoft .NET Framework 3.5.1", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "Windows 7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" + }, + { + "version_value" : "Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists in .NET Framework and Visual Studio software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework and Visual Studio Remote Code Execution Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0613", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0613" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0615.json b/2019/0xxx/CVE-2019-0615.json index 5d395d29f61..d845a456611 100644 --- a/2019/0xxx/CVE-2019-0615.json +++ b/2019/0xxx/CVE-2019-0615.json @@ -1,178 +1,180 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0615", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - }, - { - "version_value": "2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka \u0027Windows GDI Information Disclosure Vulnerability\u0027. This CVE ID is unique from CVE-2019-0602, CVE-2019-0616, CVE-2019-0619, CVE-2019-0660, CVE-2019-0664." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information Disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0615" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0615", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + }, + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + }, + { + "version_value" : "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0602, CVE-2019-0616, CVE-2019-0619, CVE-2019-0660, CVE-2019-0664." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0615", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0615" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0616.json b/2019/0xxx/CVE-2019-0616.json index aa733629d3d..f9955cc01c8 100644 --- a/2019/0xxx/CVE-2019-0616.json +++ b/2019/0xxx/CVE-2019-0616.json @@ -1,178 +1,180 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0616", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - }, - { - "version_value": "2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka \u0027Windows GDI Information Disclosure Vulnerability\u0027. This CVE ID is unique from CVE-2019-0602, CVE-2019-0615, CVE-2019-0619, CVE-2019-0660, CVE-2019-0664." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information Disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0616" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0616", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + }, + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + }, + { + "version_value" : "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0602, CVE-2019-0615, CVE-2019-0619, CVE-2019-0660, CVE-2019-0664." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0616", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0616" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0618.json b/2019/0xxx/CVE-2019-0618.json index 58c05eb4d59..d2bc02f270c 100644 --- a/2019/0xxx/CVE-2019-0618.json +++ b/2019/0xxx/CVE-2019-0618.json @@ -1,178 +1,180 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0618", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - }, - { - "version_value": "2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka \u0027GDI+ Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-0662." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0618" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0618", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + }, + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + }, + { + "version_value" : "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0662." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0618", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0618" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0619.json b/2019/0xxx/CVE-2019-0619.json index f293ee26479..f956c71c2c5 100644 --- a/2019/0xxx/CVE-2019-0619.json +++ b/2019/0xxx/CVE-2019-0619.json @@ -1,178 +1,180 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0619", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - }, - { - "version_value": "2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka \u0027Windows GDI Information Disclosure Vulnerability\u0027. This CVE ID is unique from CVE-2019-0602, CVE-2019-0615, CVE-2019-0616, CVE-2019-0660, CVE-2019-0664." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information Disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0619" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0619", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + }, + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + }, + { + "version_value" : "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0602, CVE-2019-0615, CVE-2019-0616, CVE-2019-0660, CVE-2019-0664." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0619", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0619" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0621.json b/2019/0xxx/CVE-2019-0621.json index fa39e9eef73..7ca8087a8d6 100644 --- a/2019/0xxx/CVE-2019-0621.json +++ b/2019/0xxx/CVE-2019-0621.json @@ -1,178 +1,180 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0621", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - }, - { - "version_value": "2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka \u0027Windows Kernel Information Disclosure Vulnerability\u0027. This CVE ID is unique from CVE-2019-0661, CVE-2019-0663." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information Disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0621" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0621", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + }, + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + }, + { + "version_value" : "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0661, CVE-2019-0663." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0621", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0621" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0623.json b/2019/0xxx/CVE-2019-0623.json index 53f5bef7098..9bd6817f68e 100644 --- a/2019/0xxx/CVE-2019-0623.json +++ b/2019/0xxx/CVE-2019-0623.json @@ -1,163 +1,165 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0623", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka \u0027Win32k Elevation of Privilege Vulnerability\u0027." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Elevation of Privilege" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0623" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0623", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + }, + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Elevation of Privilege" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0623", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0623" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0625.json b/2019/0xxx/CVE-2019-0625.json index cb74557d7f4..5ab85a61556 100644 --- a/2019/0xxx/CVE-2019-0625.json +++ b/2019/0xxx/CVE-2019-0625.json @@ -1,178 +1,180 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0625", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - }, - { - "version_value": "2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka \u0027Jet Database Engine Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-0595, CVE-2019-0596, CVE-2019-0597, CVE-2019-0598, CVE-2019-0599." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0625" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0625", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + }, + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + }, + { + "version_value" : "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0595, CVE-2019-0596, CVE-2019-0597, CVE-2019-0598, CVE-2019-0599." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0625", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0625" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0626.json b/2019/0xxx/CVE-2019-0626.json index c3640b87e35..5d406846e32 100644 --- a/2019/0xxx/CVE-2019-0626.json +++ b/2019/0xxx/CVE-2019-0626.json @@ -1,178 +1,180 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0626", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - }, - { - "version_value": "2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server, aka \u0027Windows DHCP Server Remote Code Execution Vulnerability\u0027." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0626" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0626", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + }, + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + }, + { + "version_value" : "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server, aka 'Windows DHCP Server Remote Code Execution Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0626", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0626" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0627.json b/2019/0xxx/CVE-2019-0627.json index 0550b64b03b..a90fc2493c4 100644 --- a/2019/0xxx/CVE-2019-0627.json +++ b/2019/0xxx/CVE-2019-0627.json @@ -1,140 +1,142 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0627", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - } - ] - } - }, - { - "product_name": "PowerShell Core", - "version": { - "version_data": [ - { - "version_value": "6.1" - }, - { - "version_value": "6.2" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka \u0027Windows Security Feature Bypass Vulnerability\u0027. This CVE ID is unique from CVE-2019-0631, CVE-2019-0632." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Security Feature Bypass" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0627" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0627", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + } + ] + } + }, + { + "product_name" : "PowerShell Core", + "version" : { + "version_data" : [ + { + "version_value" : "6.1" + }, + { + "version_value" : "6.2" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0631, CVE-2019-0632." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Security Feature Bypass" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0627", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0627" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0628.json b/2019/0xxx/CVE-2019-0628.json index 29162e37dab..252e589d2ae 100644 --- a/2019/0xxx/CVE-2019-0628.json +++ b/2019/0xxx/CVE-2019-0628.json @@ -1,178 +1,180 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0628", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - }, - { - "version_value": "2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka \u0027Win32k Information Disclosure Vulnerability\u0027." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information Disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0628" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0628", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + }, + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + }, + { + "version_value" : "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0628", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0628" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0630.json b/2019/0xxx/CVE-2019-0630.json index 59aa14e4b33..e4f0b3f496a 100644 --- a/2019/0xxx/CVE-2019-0630.json +++ b/2019/0xxx/CVE-2019-0630.json @@ -1,178 +1,180 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0630", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - }, - { - "version_value": "2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka \u0027Windows SMB Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-0633." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0630" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0630", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + }, + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + }, + { + "version_value" : "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0633." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0630", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0630" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0631.json b/2019/0xxx/CVE-2019-0631.json index ad76b37069f..b60f059a920 100644 --- a/2019/0xxx/CVE-2019-0631.json +++ b/2019/0xxx/CVE-2019-0631.json @@ -1,140 +1,142 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0631", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - } - ] - } - }, - { - "product_name": "PowerShell Core", - "version": { - "version_data": [ - { - "version_value": "6.1" - }, - { - "version_value": "6.2" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka \u0027Windows Security Feature Bypass Vulnerability\u0027. This CVE ID is unique from CVE-2019-0627, CVE-2019-0632." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Security Feature Bypass" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0631" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0631", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + } + ] + } + }, + { + "product_name" : "PowerShell Core", + "version" : { + "version_data" : [ + { + "version_value" : "6.1" + }, + { + "version_value" : "6.2" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0632." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Security Feature Bypass" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0631", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0631" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0632.json b/2019/0xxx/CVE-2019-0632.json index 0598d572f87..19d1c2ddc35 100644 --- a/2019/0xxx/CVE-2019-0632.json +++ b/2019/0xxx/CVE-2019-0632.json @@ -1,140 +1,142 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0632", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - } - ] - } - }, - { - "product_name": "PowerShell Core", - "version": { - "version_data": [ - { - "version_value": "6.1" - }, - { - "version_value": "6.2" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka \u0027Windows Security Feature Bypass Vulnerability\u0027. This CVE ID is unique from CVE-2019-0627, CVE-2019-0631." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Security Feature Bypass" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0632" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0632", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + } + ] + } + }, + { + "product_name" : "PowerShell Core", + "version" : { + "version_data" : [ + { + "version_value" : "6.1" + }, + { + "version_value" : "6.2" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0631." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Security Feature Bypass" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0632", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0632" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0633.json b/2019/0xxx/CVE-2019-0633.json index 7aa0b66f3f8..6d409c515fe 100644 --- a/2019/0xxx/CVE-2019-0633.json +++ b/2019/0xxx/CVE-2019-0633.json @@ -1,148 +1,150 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0633", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - } - ] - } - }, - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka \u0027Windows SMB Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-0630." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0633" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0633", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + } + ] + } + }, + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + }, + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0630." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0633", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0633" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0634.json b/2019/0xxx/CVE-2019-0634.json index 6fd326ee80b..9355a767e27 100644 --- a/2019/0xxx/CVE-2019-0634.json +++ b/2019/0xxx/CVE-2019-0634.json @@ -1,93 +1,95 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0634", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Edge", - "version": { - "version_data": [ - { - "version_value": "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka \u0027Microsoft Edge Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0645, CVE-2019-0650." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0634" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0634", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Edge", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0645, CVE-2019-0650." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0634", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0634" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0635.json b/2019/0xxx/CVE-2019-0635.json index be7e04c95f9..cb8b164c630 100644 --- a/2019/0xxx/CVE-2019-0635.json +++ b/2019/0xxx/CVE-2019-0635.json @@ -1,130 +1,132 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0635", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka \u0027Windows Hyper-V Information Disclosure Vulnerability\u0027." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information Disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0635" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0635", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0635", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0635" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0636.json b/2019/0xxx/CVE-2019-0636.json index d63902861ae..5a541bae6fb 100644 --- a/2019/0xxx/CVE-2019-0636.json +++ b/2019/0xxx/CVE-2019-0636.json @@ -1,178 +1,180 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0636", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - }, - { - "version_value": "2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An information vulnerability exists when Windows improperly discloses file information, aka \u0027Windows Information Disclosure Vulnerability\u0027." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information Disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0636" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0636", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + }, + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + }, + { + "version_value" : "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information vulnerability exists when Windows improperly discloses file information, aka 'Windows Information Disclosure Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0636", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0636" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0637.json b/2019/0xxx/CVE-2019-0637.json index 626cd056f33..9e387072a01 100644 --- a/2019/0xxx/CVE-2019-0637.json +++ b/2019/0xxx/CVE-2019-0637.json @@ -1,103 +1,105 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0637", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A security feature bypass vulnerability exists when Windows Defender Firewall incorrectly applies firewall profiles to cellular network connections, aka \u0027Windows Defender Firewall Security Feature Bypass Vulnerability\u0027." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Security Feature Bypass" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0637" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0637", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A security feature bypass vulnerability exists when Windows Defender Firewall incorrectly applies firewall profiles to cellular network connections, aka 'Windows Defender Firewall Security Feature Bypass Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Security Feature Bypass" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0637", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0637" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0640.json b/2019/0xxx/CVE-2019-0640.json index 6071d81668b..e687168fffb 100644 --- a/2019/0xxx/CVE-2019-0640.json +++ b/2019/0xxx/CVE-2019-0640.json @@ -1,103 +1,105 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0640", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Edge", - "version": { - "version_data": [ - { - "version_value": "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "ChakraCore", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0640" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0640", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Edge", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "ChakraCore", + "version" : { + "version_data" : [ + { + "version_value" : "" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0640", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0640" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0641.json b/2019/0xxx/CVE-2019-0641.json index 856ce69e7b3..5df343c717c 100644 --- a/2019/0xxx/CVE-2019-0641.json +++ b/2019/0xxx/CVE-2019-0641.json @@ -1,93 +1,95 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0641", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Edge", - "version": { - "version_data": [ - { - "version_value": "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A security feature bypass vulnerability exists in Microsoft Edge handles whitelisting, aka \u0027Microsoft Edge Security Feature Bypass Vulnerability\u0027." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Security Feature Bypass" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0641" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0641", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Edge", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A security feature bypass vulnerability exists in Microsoft Edge handles whitelisting, aka 'Microsoft Edge Security Feature Bypass Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Security Feature Bypass" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0641", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0641" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0642.json b/2019/0xxx/CVE-2019-0642.json index 67f44054c41..2da68848ea1 100644 --- a/2019/0xxx/CVE-2019-0642.json +++ b/2019/0xxx/CVE-2019-0642.json @@ -1,118 +1,120 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0642", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Edge", - "version": { - "version_data": [ - { - "version_value": "Windows 10 for 32-bit Systems" - }, - { - "version_value": "Windows 10 for x64-based Systems" - }, - { - "version_value": "Windows Server 2016" - }, - { - "version_value": "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "ChakraCore", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0642" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0642", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Edge", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 for x64-based Systems" + }, + { + "version_value" : "Windows Server 2016" + }, + { + "version_value" : "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "ChakraCore", + "version" : { + "version_data" : [ + { + "version_value" : "" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0642", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0642" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0643.json b/2019/0xxx/CVE-2019-0643.json index f8abf28f928..3132b6a4792 100644 --- a/2019/0xxx/CVE-2019-0643.json +++ b/2019/0xxx/CVE-2019-0643.json @@ -1,69 +1,71 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0643", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Edge", - "version": { - "version_data": [ - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "Windows Server 2019" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka \u0027Microsoft Edge Information Disclosure Vulnerability\u0027." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information Disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0643" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0643", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Edge", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka 'Microsoft Edge Information Disclosure Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0643", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0643" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0644.json b/2019/0xxx/CVE-2019-0644.json index b5057113095..5043ef3b41b 100644 --- a/2019/0xxx/CVE-2019-0644.json +++ b/2019/0xxx/CVE-2019-0644.json @@ -1,112 +1,114 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0644", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Edge", - "version": { - "version_data": [ - { - "version_value": "Windows Server 2016" - }, - { - "version_value": "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "ChakraCore", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0644" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0644", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Edge", + "version" : { + "version_data" : [ + { + "version_value" : "Windows Server 2016" + }, + { + "version_value" : "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "ChakraCore", + "version" : { + "version_data" : [ + { + "version_value" : "" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0644", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0644" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0645.json b/2019/0xxx/CVE-2019-0645.json index bba5f093c3d..5948c35d9a3 100644 --- a/2019/0xxx/CVE-2019-0645.json +++ b/2019/0xxx/CVE-2019-0645.json @@ -1,108 +1,110 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0645", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Edge", - "version": { - "version_data": [ - { - "version_value": "Windows 10 for 32-bit Systems" - }, - { - "version_value": "Windows 10 for x64-based Systems" - }, - { - "version_value": "Windows Server 2016" - }, - { - "version_value": "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka \u0027Microsoft Edge Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0634, CVE-2019-0650." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0645" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0645", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Edge", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 for x64-based Systems" + }, + { + "version_value" : "Windows Server 2016" + }, + { + "version_value" : "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0634, CVE-2019-0650." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0645", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0645" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0648.json b/2019/0xxx/CVE-2019-0648.json index 0a78142dc56..f62320a9468 100644 --- a/2019/0xxx/CVE-2019-0648.json +++ b/2019/0xxx/CVE-2019-0648.json @@ -1,69 +1,71 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0648", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Edge", - "version": { - "version_data": [ - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "Windows Server 2019" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data.To exploit the vulnerability, an attacker must know the memory address of where the object was created.The update addresses the vulnerability by changing the way certain functions handle objects in memory, aka Scripting Engine Information Disclosure Vulnerability. This CVE ID is unique from CVE-2019-0658." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information Disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0648" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0648", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Edge", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data.To exploit the vulnerability, an attacker must know the memory address of where the object was created.The update addresses the vulnerability by changing the way certain functions handle objects in memory, aka Scripting Engine Information Disclosure Vulnerability. This CVE ID is unique from CVE-2019-0658." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0648", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0648" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0649.json b/2019/0xxx/CVE-2019-0649.json index 6ebb041e74e..001c8ccecad 100644 --- a/2019/0xxx/CVE-2019-0649.json +++ b/2019/0xxx/CVE-2019-0649.json @@ -1,103 +1,105 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0649", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Edge", - "version": { - "version_data": [ - { - "version_value": "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "ChakraCore", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A vulnerability exists in Microsoft Chakra JIT server, aka \u0027Scripting Engine Elevation of Privileged Vulnerability\u0027." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Elevation of Privilege" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0649" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0649", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Edge", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "ChakraCore", + "version" : { + "version_data" : [ + { + "version_value" : "" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A vulnerability exists in Microsoft Chakra JIT server, aka 'Scripting Engine Elevation of Privileged Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Elevation of Privilege" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0649", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0649" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0650.json b/2019/0xxx/CVE-2019-0650.json index d53622924a0..105bf0bf341 100644 --- a/2019/0xxx/CVE-2019-0650.json +++ b/2019/0xxx/CVE-2019-0650.json @@ -1,78 +1,80 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0650", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Edge", - "version": { - "version_data": [ - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "Windows Server 2019" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka \u0027Microsoft Edge Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0634, CVE-2019-0645." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0650" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0650", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Edge", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0634, CVE-2019-0645." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0650", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0650" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0651.json b/2019/0xxx/CVE-2019-0651.json index e48bade64e6..e5d9f5782f9 100644 --- a/2019/0xxx/CVE-2019-0651.json +++ b/2019/0xxx/CVE-2019-0651.json @@ -1,118 +1,120 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0651", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Edge", - "version": { - "version_data": [ - { - "version_value": "Windows 10 for 32-bit Systems" - }, - { - "version_value": "Windows 10 for x64-based Systems" - }, - { - "version_value": "Windows Server 2016" - }, - { - "version_value": "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "ChakraCore", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0652, CVE-2019-0655." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0651" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0651", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Edge", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 for x64-based Systems" + }, + { + "version_value" : "Windows Server 2016" + }, + { + "version_value" : "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "ChakraCore", + "version" : { + "version_data" : [ + { + "version_value" : "" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0652, CVE-2019-0655." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0651", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0651" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0652.json b/2019/0xxx/CVE-2019-0652.json index 00b753efebb..69c56f1abdd 100644 --- a/2019/0xxx/CVE-2019-0652.json +++ b/2019/0xxx/CVE-2019-0652.json @@ -1,118 +1,120 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0652", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Edge", - "version": { - "version_data": [ - { - "version_value": "Windows 10 for 32-bit Systems" - }, - { - "version_value": "Windows 10 for x64-based Systems" - }, - { - "version_value": "Windows Server 2016" - }, - { - "version_value": "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "ChakraCore", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0655." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0652" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0652", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Edge", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 for x64-based Systems" + }, + { + "version_value" : "Windows Server 2016" + }, + { + "version_value" : "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "ChakraCore", + "version" : { + "version_data" : [ + { + "version_value" : "" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0655." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0652", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0652" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0654.json b/2019/0xxx/CVE-2019-0654.json index 1978c7f8023..bf5b0bedf57 100644 --- a/2019/0xxx/CVE-2019-0654.json +++ b/2019/0xxx/CVE-2019-0654.json @@ -1,210 +1,212 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0654", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Internet Explorer 9", - "version": { - "version_data": [ - { - "version_value": "Windows Server 2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "Windows Server 2008 for x64-based Systems Service Pack 2" - } - ] - } - }, - { - "product_name": "Internet Explorer 11", - "version": { - "version_data": [ - { - "version_value": "Windows 7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "Windows 7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "Windows 8.1 for 32-bit systems" - }, - { - "version_value": "Windows 8.1 for x64-based systems" - }, - { - "version_value": "Windows Server 2012 R2" - }, - { - "version_value": "Windows RT 8.1" - }, - { - "version_value": "Windows 10 for 32-bit Systems" - }, - { - "version_value": "Windows 10 for x64-based Systems" - }, - { - "version_value": "Windows Server 2016" - }, - { - "version_value": "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Internet Explorer 10", - "version": { - "version_data": [ - { - "version_value": "Windows Server 2012" - } - ] - } - }, - { - "product_name": "Microsoft Edge", - "version": { - "version_data": [ - { - "version_value": "Windows 10 for 32-bit Systems" - }, - { - "version_value": "Windows 10 for x64-based Systems" - }, - { - "version_value": "Windows Server 2016" - }, - { - "version_value": "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A spoofing vulnerability exists when Microsoft browsers improperly handles specific redirects, aka \u0027Microsoft Browser Spoofing Vulnerability\u0027." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Spoofing" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0654" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0654", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Internet Explorer 9", + "version" : { + "version_data" : [ + { + "version_value" : "Windows Server 2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "Windows Server 2008 for x64-based Systems Service Pack 2" + } + ] + } + }, + { + "product_name" : "Internet Explorer 11", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "Windows 7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "Windows 8.1 for 32-bit systems" + }, + { + "version_value" : "Windows 8.1 for x64-based systems" + }, + { + "version_value" : "Windows Server 2012 R2" + }, + { + "version_value" : "Windows RT 8.1" + }, + { + "version_value" : "Windows 10 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 for x64-based Systems" + }, + { + "version_value" : "Windows Server 2016" + }, + { + "version_value" : "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Internet Explorer 10", + "version" : { + "version_data" : [ + { + "version_value" : "Windows Server 2012" + } + ] + } + }, + { + "product_name" : "Microsoft Edge", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 for x64-based Systems" + }, + { + "version_value" : "Windows Server 2016" + }, + { + "version_value" : "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A spoofing vulnerability exists when Microsoft browsers improperly handles specific redirects, aka 'Microsoft Browser Spoofing Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Spoofing" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0654", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0654" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0655.json b/2019/0xxx/CVE-2019-0655.json index 919a004ee3f..b46300093a3 100644 --- a/2019/0xxx/CVE-2019-0655.json +++ b/2019/0xxx/CVE-2019-0655.json @@ -1,118 +1,120 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0655", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Edge", - "version": { - "version_data": [ - { - "version_value": "Windows 10 for 32-bit Systems" - }, - { - "version_value": "Windows 10 for x64-based Systems" - }, - { - "version_value": "Windows Server 2016" - }, - { - "version_value": "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "ChakraCore", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0655" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0655", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Edge", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 for x64-based Systems" + }, + { + "version_value" : "Windows Server 2016" + }, + { + "version_value" : "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "ChakraCore", + "version" : { + "version_data" : [ + { + "version_value" : "" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0655", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0655" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0656.json b/2019/0xxx/CVE-2019-0656.json index 0f1fe106679..736cd07858b 100644 --- a/2019/0xxx/CVE-2019-0656.json +++ b/2019/0xxx/CVE-2019-0656.json @@ -1,142 +1,144 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0656", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka \u0027Windows Kernel Elevation of Privilege Vulnerability\u0027." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Elevation of Privilege" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0656" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0656", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + }, + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Elevation of Privilege" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0656", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0656" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0657.json b/2019/0xxx/CVE-2019-0657.json index 4878108ad2f..def54e0be80 100644 --- a/2019/0xxx/CVE-2019-0657.json +++ b/2019/0xxx/CVE-2019-0657.json @@ -1,423 +1,425 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0657", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft .NET Framework 4.5.2", - "version": { - "version_data": [ - { - "version_value": "Windows 7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "Windows 7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" - }, - { - "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "Windows Server 2012" - }, - { - "version_value": "Windows Server 2012 (Server Core installation)" - }, - { - "version_value": "Windows 8.1 for 32-bit systems" - }, - { - "version_value": "Windows 8.1 for x64-based systems" - }, - { - "version_value": "Windows Server 2012 R2" - }, - { - "version_value": "Windows RT 8.1" - }, - { - "version_value": "Windows Server 2012 R2 (Server Core installation)" - }, - { - "version_value": "Windows Server 2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "Windows Server 2008 for x64-based Systems Service Pack 2" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.6", - "version": { - "version_data": [ - { - "version_value": "Windows Server 2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "Windows Server 2008 for x64-based Systems Service Pack 2" - } - ] - } - }, - { - "product_name": ".NET Core", - "version": { - "version_data": [ - { - "version_value": "1" - }, - { - "version_value": "2.1" - }, - { - "version_value": "2.2" - } - ] - } - }, - { - "product_name": "Microsoft Visual Studio", - "version": { - "version_data": [ - { - "version_value": "2017" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.7.2", - "version": { - "version_data": [ - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows Server, version 1803 (Server Core Installation)" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows Server 2019 (Server Core installation)" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.6/4.6.1/4.6.2", - "version": { - "version_data": [ - { - "version_value": "Windows 10 for 32-bit Systems" - }, - { - "version_value": "Windows 10 for x64-based Systems" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2", - "version": { - "version_data": [ - { - "version_value": "Windows 7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "Windows 7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" - }, - { - "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "Windows Server 2012" - }, - { - "version_value": "Windows Server 2012 (Server Core installation)" - }, - { - "version_value": "Windows 8.1 for 32-bit systems" - }, - { - "version_value": "Windows 8.1 for x64-based systems" - }, - { - "version_value": "Windows Server 2012 R2" - }, - { - "version_value": "Windows RT 8.1" - }, - { - "version_value": "Windows Server 2012 R2 (Server Core installation)" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", - "version": { - "version_data": [ - { - "version_value": "Windows Server 2016" - }, - { - "version_value": "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value": "Windows Server 2016 (Server Core installation)" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.7/4.7.1/4.7.2", - "version": { - "version_data": [ - { - "version_value": "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1703 for x64-based Systems" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 4.7.1/4.7.2", - "version": { - "version_data": [ - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows Server, version 1709 (Server Core Installation)" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "PowerShell Core", - "version": { - "version_data": [ - { - "version_value": "6.1" - }, - { - "version_value": "6.2" - } - ] - } - }, - { - "product_name": "Microsoft Visual Studio 2017", - "version": { - "version_data": [ - { - "version_value": "version 15.9" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 3.5", - "version": { - "version_data": [ - { - "version_value": "Windows Server 2012" - }, - { - "version_value": "Windows Server 2012 (Server Core installation)" - }, - { - "version_value": "Windows 8.1 for 32-bit systems" - }, - { - "version_value": "Windows 8.1 for x64-based systems" - }, - { - "version_value": "Windows Server 2012 R2" - }, - { - "version_value": "Windows Server 2012 R2 (Server Core installation)" - }, - { - "version_value": "Windows 10 for 32-bit Systems" - }, - { - "version_value": "Windows 10 for x64-based Systems" - }, - { - "version_value": "Windows Server 2016" - }, - { - "version_value": "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows Server, version 1709 (Server Core Installation)" - }, - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows Server, version 1803 (Server Core Installation)" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows Server 2019 (Server Core installation)" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 3.0", - "version": { - "version_data": [ - { - "version_value": "Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 2.0", - "version": { - "version_data": [ - { - "version_value": "Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2" - } - ] - } - }, - { - "product_name": "Microsoft .NET Framework 3.5.1", - "version": { - "version_data": [ - { - "version_value": "Windows 7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "Windows 7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" - }, - { - "version_value": "Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A vulnerability exists in certain .Net Framework API\u0027s and Visual Studio in the way they parse URL\u0027s, aka \u0027.NET Framework and Visual Studio Spoofing Vulnerability\u0027." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Spoofing" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0657" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0657", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft .NET Framework 4.5.2", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "Windows 7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" + }, + { + "version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "Windows Server 2012" + }, + { + "version_value" : "Windows Server 2012 (Server Core installation)" + }, + { + "version_value" : "Windows 8.1 for 32-bit systems" + }, + { + "version_value" : "Windows 8.1 for x64-based systems" + }, + { + "version_value" : "Windows Server 2012 R2" + }, + { + "version_value" : "Windows RT 8.1" + }, + { + "version_value" : "Windows Server 2012 R2 (Server Core installation)" + }, + { + "version_value" : "Windows Server 2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "Windows Server 2008 for x64-based Systems Service Pack 2" + } + ] + } + }, + { + "product_name" : "Microsoft .NET Framework 4.6", + "version" : { + "version_data" : [ + { + "version_value" : "Windows Server 2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "Windows Server 2008 for x64-based Systems Service Pack 2" + } + ] + } + }, + { + "product_name" : ".NET Core", + "version" : { + "version_data" : [ + { + "version_value" : "1" + }, + { + "version_value" : "2.1" + }, + { + "version_value" : "2.2" + } + ] + } + }, + { + "product_name" : "Microsoft Visual Studio", + "version" : { + "version_data" : [ + { + "version_value" : "2017" + } + ] + } + }, + { + "product_name" : "Microsoft .NET Framework 4.7.2", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows Server, version 1803 (Server Core Installation)" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows Server 2019 (Server Core installation)" + } + ] + } + }, + { + "product_name" : "Microsoft .NET Framework 4.6/4.6.1/4.6.2", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 for x64-based Systems" + } + ] + } + }, + { + "product_name" : "Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "Windows 7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" + }, + { + "version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "Windows Server 2012" + }, + { + "version_value" : "Windows Server 2012 (Server Core installation)" + }, + { + "version_value" : "Windows 8.1 for 32-bit systems" + }, + { + "version_value" : "Windows 8.1 for x64-based systems" + }, + { + "version_value" : "Windows Server 2012 R2" + }, + { + "version_value" : "Windows RT 8.1" + }, + { + "version_value" : "Windows Server 2012 R2 (Server Core installation)" + } + ] + } + }, + { + "product_name" : "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", + "version" : { + "version_data" : [ + { + "version_value" : "Windows Server 2016" + }, + { + "version_value" : "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "Windows Server 2016 (Server Core installation)" + } + ] + } + }, + { + "product_name" : "Microsoft .NET Framework 4.7/4.7.1/4.7.2", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for x64-based Systems" + } + ] + } + }, + { + "product_name" : "Microsoft .NET Framework 4.7.1/4.7.2", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows Server, version 1709 (Server Core Installation)" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "PowerShell Core", + "version" : { + "version_data" : [ + { + "version_value" : "6.1" + }, + { + "version_value" : "6.2" + } + ] + } + }, + { + "product_name" : "Microsoft Visual Studio 2017", + "version" : { + "version_data" : [ + { + "version_value" : "version 15.9" + } + ] + } + }, + { + "product_name" : "Microsoft .NET Framework 3.5", + "version" : { + "version_data" : [ + { + "version_value" : "Windows Server 2012" + }, + { + "version_value" : "Windows Server 2012 (Server Core installation)" + }, + { + "version_value" : "Windows 8.1 for 32-bit systems" + }, + { + "version_value" : "Windows 8.1 for x64-based systems" + }, + { + "version_value" : "Windows Server 2012 R2" + }, + { + "version_value" : "Windows Server 2012 R2 (Server Core installation)" + }, + { + "version_value" : "Windows 10 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 for x64-based Systems" + }, + { + "version_value" : "Windows Server 2016" + }, + { + "version_value" : "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows Server, version 1709 (Server Core Installation)" + }, + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows Server, version 1803 (Server Core Installation)" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows Server 2019 (Server Core installation)" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Microsoft .NET Framework 3.0", + "version" : { + "version_data" : [ + { + "version_value" : "Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2" + } + ] + } + }, + { + "product_name" : "Microsoft .NET Framework 2.0", + "version" : { + "version_data" : [ + { + "version_value" : "Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2" + } + ] + } + }, + { + "product_name" : "Microsoft .NET Framework 3.5.1", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "Windows 7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" + }, + { + "version_value" : "Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Spoofing" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0657", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0657" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0658.json b/2019/0xxx/CVE-2019-0658.json index 05c23509184..9a490a779a5 100644 --- a/2019/0xxx/CVE-2019-0658.json +++ b/2019/0xxx/CVE-2019-0658.json @@ -1,103 +1,105 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0658", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Edge", - "version": { - "version_data": [ - { - "version_value": "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "ChakraCore", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka \u0027Scripting Engine Information Disclosure Vulnerability\u0027. This CVE ID is unique from CVE-2019-0648." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information Disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0658" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0658", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Edge", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "ChakraCore", + "version" : { + "version_data" : [ + { + "version_value" : "" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0648." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0658", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0658" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0659.json b/2019/0xxx/CVE-2019-0659.json index b33f4fdd397..a052819f619 100644 --- a/2019/0xxx/CVE-2019-0659.json +++ b/2019/0xxx/CVE-2019-0659.json @@ -1,127 +1,129 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0659", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations, aka \u0027Windows Storage Service Elevation of Privilege Vulnerability\u0027." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Elevation of Privilege" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0659" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0659", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations, aka 'Windows Storage Service Elevation of Privilege Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Elevation of Privilege" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0659", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0659" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0660.json b/2019/0xxx/CVE-2019-0660.json index 2498c228784..e64616f718f 100644 --- a/2019/0xxx/CVE-2019-0660.json +++ b/2019/0xxx/CVE-2019-0660.json @@ -1,178 +1,180 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0660", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - }, - { - "version_value": "2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka \u0027Windows GDI Information Disclosure Vulnerability\u0027. This CVE ID is unique from CVE-2019-0602, CVE-2019-0615, CVE-2019-0616, CVE-2019-0619, CVE-2019-0664." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information Disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0660" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0660", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + }, + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + }, + { + "version_value" : "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0602, CVE-2019-0615, CVE-2019-0616, CVE-2019-0619, CVE-2019-0664." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0660", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0660" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0661.json b/2019/0xxx/CVE-2019-0661.json index 8aa14e5be2a..a4ea482bbbe 100644 --- a/2019/0xxx/CVE-2019-0661.json +++ b/2019/0xxx/CVE-2019-0661.json @@ -1,100 +1,102 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0661", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka \u0027Windows Kernel Information Disclosure Vulnerability\u0027. This CVE ID is unique from CVE-2019-0621, CVE-2019-0663." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information Disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0661" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0661", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "7 for x64-based Systems Service Pack 1" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0621, CVE-2019-0663." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0661", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0661" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0662.json b/2019/0xxx/CVE-2019-0662.json index 9f49f62d9bd..03077be077c 100644 --- a/2019/0xxx/CVE-2019-0662.json +++ b/2019/0xxx/CVE-2019-0662.json @@ -1,178 +1,180 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0662", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "10 Version 1803 for x64-based Systems" - }, - { - "version_value": "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - }, - { - "version_value": "version 1803 (Core Installation)" - }, - { - "version_value": "2019" - }, - { - "version_value": "2019 (Core installation)" - }, - { - "version_value": "2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka \u0027GDI+ Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-0618." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0662" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0662", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + }, + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + }, + { + "version_value" : "version 1803 (Core Installation)" + }, + { + "version_value" : "2019" + }, + { + "version_value" : "2019 (Core installation)" + }, + { + "version_value" : "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0618." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0662", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0662" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0663.json b/2019/0xxx/CVE-2019-0663.json index 740362b2bc6..d7d8e02b75a 100644 --- a/2019/0xxx/CVE-2019-0663.json +++ b/2019/0xxx/CVE-2019-0663.json @@ -1,136 +1,138 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0663", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - }, - { - "version_value": "10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "10 Version 1703 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "10 Version 1709 for x64-based Systems" - }, - { - "version_value": "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2016" - }, - { - "version_value": "2016 (Core installation)" - }, - { - "version_value": "version 1709 (Core Installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka \u0027Windows Kernel Information Disclosure Vulnerability\u0027. This CVE ID is unique from CVE-2019-0621, CVE-2019-0661." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information Disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0663" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0663", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + }, + { + "version_value" : "10 for 32-bit Systems" + }, + { + "version_value" : "10 for x64-based Systems" + }, + { + "version_value" : "10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2016" + }, + { + "version_value" : "2016 (Core installation)" + }, + { + "version_value" : "version 1709 (Core Installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0621, CVE-2019-0661." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0663", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0663" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0664.json b/2019/0xxx/CVE-2019-0664.json index 58c30076ac2..422827c30d0 100644 --- a/2019/0xxx/CVE-2019-0664.json +++ b/2019/0xxx/CVE-2019-0664.json @@ -1,115 +1,117 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0664", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "8.1 for 32-bit systems" - }, - { - "version_value": "8.1 for x64-based systems" - }, - { - "version_value": "RT 8.1" - } - ] - } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" - }, - { - "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value": "2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" - }, - { - "version_value": "2012" - }, - { - "version_value": "2012 (Core installation)" - }, - { - "version_value": "2012 R2" - }, - { - "version_value": "2012 R2 (Core installation)" - }, - { - "version_value": "2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value": "2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2" - }, - { - "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka \u0027Windows GDI Information Disclosure Vulnerability\u0027. This CVE ID is unique from CVE-2019-0602, CVE-2019-0615, CVE-2019-0616, CVE-2019-0619, CVE-2019-0660." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information Disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0664" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0664", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Windows", + "version" : { + "version_data" : [ + { + "version_value" : "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "8.1 for 32-bit systems" + }, + { + "version_value" : "8.1 for x64-based systems" + }, + { + "version_value" : "RT 8.1" + } + ] + } + }, + { + "product_name" : "Windows Server", + "version" : { + "version_data" : [ + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value" : "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value" : "2012" + }, + { + "version_value" : "2012 (Core installation)" + }, + { + "version_value" : "2012 R2" + }, + { + "version_value" : "2012 R2 (Core installation)" + }, + { + "version_value" : "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value" : "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0602, CVE-2019-0615, CVE-2019-0616, CVE-2019-0619, CVE-2019-0660." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0664", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0664" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0668.json b/2019/0xxx/CVE-2019-0668.json index 430ac59959b..1bb92987251 100644 --- a/2019/0xxx/CVE-2019-0668.json +++ b/2019/0xxx/CVE-2019-0668.json @@ -1,63 +1,65 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0668", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft SharePoint Enterprise Server", - "version": { - "version_data": [ - { - "version_value": "2016" - }, - { - "version_value": "2013 Service Pack 1" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka \u0027Microsoft SharePoint Elevation of Privilege Vulnerability\u0027." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Elevation of Privilege" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0668" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0668", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft SharePoint Enterprise Server", + "version" : { + "version_data" : [ + { + "version_value" : "2016" + }, + { + "version_value" : "2013 Service Pack 1" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Elevation of Privilege" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0668", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0668" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0669.json b/2019/0xxx/CVE-2019-0669.json index e2bf46c73c7..f7c6b36cea8 100644 --- a/2019/0xxx/CVE-2019-0669.json +++ b/2019/0xxx/CVE-2019-0669.json @@ -1,136 +1,138 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0669", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Excel", - "version": { - "version_data": [ - { - "version_value": "2010 Service Pack 2 (32-bit editions)" - }, - { - "version_value": "2010 Service Pack 2 (64-bit editions)" - }, - { - "version_value": "2013 Service Pack 1 (32-bit editions)" - }, - { - "version_value": "2013 Service Pack 1 (64-bit editions)" - }, - { - "version_value": "2013 RT Service Pack 1" - }, - { - "version_value": "2016 (32-bit edition)" - }, - { - "version_value": "2016 (64-bit edition)" - } - ] - } - }, - { - "product_name": "Microsoft Office", - "version": { - "version_data": [ - { - "version_value": "2010 Service Pack 2 (32-bit editions)" - }, - { - "version_value": "2010 Service Pack 2 (64-bit editions)" - }, - { - "version_value": "2016 for Mac" - }, - { - "version_value": "2019 for 32-bit editions" - }, - { - "version_value": "2019 for 64-bit editions" - }, - { - "version_value": "2019 for Mac" - } - ] - } - }, - { - "product_name": "Microsoft Excel Viewer", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Office 365 ProPlus", - "version": { - "version_data": [ - { - "version_value": "32-bit Systems" - }, - { - "version_value": "64-bit Systems" - } - ] - } - }, - { - "product_name": "Microsoft Office Compatibility Pack", - "version": { - "version_data": [ - { - "version_value": "Service Pack 3" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka \u0027Microsoft Excel Information Disclosure Vulnerability\u0027." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Security Feature Bypass" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0669" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0669", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Excel", + "version" : { + "version_data" : [ + { + "version_value" : "2010 Service Pack 2 (32-bit editions)" + }, + { + "version_value" : "2010 Service Pack 2 (64-bit editions)" + }, + { + "version_value" : "2013 Service Pack 1 (32-bit editions)" + }, + { + "version_value" : "2013 Service Pack 1 (64-bit editions)" + }, + { + "version_value" : "2013 RT Service Pack 1" + }, + { + "version_value" : "2016 (32-bit edition)" + }, + { + "version_value" : "2016 (64-bit edition)" + } + ] + } + }, + { + "product_name" : "Microsoft Office", + "version" : { + "version_data" : [ + { + "version_value" : "2010 Service Pack 2 (32-bit editions)" + }, + { + "version_value" : "2010 Service Pack 2 (64-bit editions)" + }, + { + "version_value" : "2016 for Mac" + }, + { + "version_value" : "2019 for 32-bit editions" + }, + { + "version_value" : "2019 for 64-bit editions" + }, + { + "version_value" : "2019 for Mac" + } + ] + } + }, + { + "product_name" : "Microsoft Excel Viewer", + "version" : { + "version_data" : [ + { + "version_value" : "" + } + ] + } + }, + { + "product_name" : "Office 365 ProPlus", + "version" : { + "version_data" : [ + { + "version_value" : "32-bit Systems" + }, + { + "version_value" : "64-bit Systems" + } + ] + } + }, + { + "product_name" : "Microsoft Office Compatibility Pack", + "version" : { + "version_data" : [ + { + "version_value" : "Service Pack 3" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Security Feature Bypass" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0669", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0669" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0670.json b/2019/0xxx/CVE-2019-0670.json index 3ff10cb0a78..50afcc6d86c 100644 --- a/2019/0xxx/CVE-2019-0670.json +++ b/2019/0xxx/CVE-2019-0670.json @@ -1,70 +1,72 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0670", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft SharePoint Foundation", - "version": { - "version_data": [ - { - "version_value": "2013 Service Pack 1" - } - ] - } - }, - { - "product_name": "Microsoft SharePoint Enterprise Server", - "version": { - "version_data": [ - { - "version_value": "2013 Service Pack 1" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A spoofing vulnerability exists in Microsoft SharePoint when the application does not properly parse HTTP content, aka \u0027Microsoft SharePoint Spoofing Vulnerability\u0027." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Spoofing" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0670" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0670", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft SharePoint Foundation", + "version" : { + "version_data" : [ + { + "version_value" : "2013 Service Pack 1" + } + ] + } + }, + { + "product_name" : "Microsoft SharePoint Enterprise Server", + "version" : { + "version_data" : [ + { + "version_value" : "2013 Service Pack 1" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A spoofing vulnerability exists in Microsoft SharePoint when the application does not properly parse HTTP content, aka 'Microsoft SharePoint Spoofing Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Spoofing" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0670", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0670" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0671.json b/2019/0xxx/CVE-2019-0671.json index 995391598a6..544435d201d 100644 --- a/2019/0xxx/CVE-2019-0671.json +++ b/2019/0xxx/CVE-2019-0671.json @@ -1,97 +1,99 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0671", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Office", - "version": { - "version_data": [ - { - "version_value": "2010 Service Pack 2 (32-bit editions)" - }, - { - "version_value": "2010 Service Pack 2 (64-bit editions)" - }, - { - "version_value": "2013 Service Pack 1 (32-bit editions)" - }, - { - "version_value": "2013 Service Pack 1 (64-bit editions)" - }, - { - "version_value": "2013 RT Service Pack 1" - }, - { - "version_value": "2016 (32-bit edition)" - }, - { - "version_value": "2016 (64-bit edition)" - }, - { - "version_value": "2019 for 32-bit editions" - }, - { - "version_value": "2019 for 64-bit editions" - } - ] - } - }, - { - "product_name": "Office 365 ProPlus", - "version": { - "version_data": [ - { - "version_value": "32-bit Systems" - }, - { - "version_value": "64-bit Systems" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka \u0027Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-0672, CVE-2019-0673, CVE-2019-0674, CVE-2019-0675." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0671" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0671", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Office", + "version" : { + "version_data" : [ + { + "version_value" : "2010 Service Pack 2 (32-bit editions)" + }, + { + "version_value" : "2010 Service Pack 2 (64-bit editions)" + }, + { + "version_value" : "2013 Service Pack 1 (32-bit editions)" + }, + { + "version_value" : "2013 Service Pack 1 (64-bit editions)" + }, + { + "version_value" : "2013 RT Service Pack 1" + }, + { + "version_value" : "2016 (32-bit edition)" + }, + { + "version_value" : "2016 (64-bit edition)" + }, + { + "version_value" : "2019 for 32-bit editions" + }, + { + "version_value" : "2019 for 64-bit editions" + } + ] + } + }, + { + "product_name" : "Office 365 ProPlus", + "version" : { + "version_data" : [ + { + "version_value" : "32-bit Systems" + }, + { + "version_value" : "64-bit Systems" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0672, CVE-2019-0673, CVE-2019-0674, CVE-2019-0675." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0671", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0671" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0672.json b/2019/0xxx/CVE-2019-0672.json index efe622c3949..77feb5e89e7 100644 --- a/2019/0xxx/CVE-2019-0672.json +++ b/2019/0xxx/CVE-2019-0672.json @@ -1,97 +1,99 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0672", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Office", - "version": { - "version_data": [ - { - "version_value": "2010 Service Pack 2 (32-bit editions)" - }, - { - "version_value": "2010 Service Pack 2 (64-bit editions)" - }, - { - "version_value": "2013 Service Pack 1 (32-bit editions)" - }, - { - "version_value": "2013 Service Pack 1 (64-bit editions)" - }, - { - "version_value": "2013 RT Service Pack 1" - }, - { - "version_value": "2016 (32-bit edition)" - }, - { - "version_value": "2016 (64-bit edition)" - }, - { - "version_value": "2019 for 32-bit editions" - }, - { - "version_value": "2019 for 64-bit editions" - } - ] - } - }, - { - "product_name": "Office 365 ProPlus", - "version": { - "version_data": [ - { - "version_value": "32-bit Systems" - }, - { - "version_value": "64-bit Systems" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka \u0027Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-0671, CVE-2019-0673, CVE-2019-0674, CVE-2019-0675." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0672" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0672", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Office", + "version" : { + "version_data" : [ + { + "version_value" : "2010 Service Pack 2 (32-bit editions)" + }, + { + "version_value" : "2010 Service Pack 2 (64-bit editions)" + }, + { + "version_value" : "2013 Service Pack 1 (32-bit editions)" + }, + { + "version_value" : "2013 Service Pack 1 (64-bit editions)" + }, + { + "version_value" : "2013 RT Service Pack 1" + }, + { + "version_value" : "2016 (32-bit edition)" + }, + { + "version_value" : "2016 (64-bit edition)" + }, + { + "version_value" : "2019 for 32-bit editions" + }, + { + "version_value" : "2019 for 64-bit editions" + } + ] + } + }, + { + "product_name" : "Office 365 ProPlus", + "version" : { + "version_data" : [ + { + "version_value" : "32-bit Systems" + }, + { + "version_value" : "64-bit Systems" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0671, CVE-2019-0673, CVE-2019-0674, CVE-2019-0675." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0672", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0672" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0673.json b/2019/0xxx/CVE-2019-0673.json index a50d720b8fb..ee83abcd1ed 100644 --- a/2019/0xxx/CVE-2019-0673.json +++ b/2019/0xxx/CVE-2019-0673.json @@ -1,97 +1,99 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0673", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Office", - "version": { - "version_data": [ - { - "version_value": "2010 Service Pack 2 (32-bit editions)" - }, - { - "version_value": "2010 Service Pack 2 (64-bit editions)" - }, - { - "version_value": "2013 Service Pack 1 (32-bit editions)" - }, - { - "version_value": "2013 Service Pack 1 (64-bit editions)" - }, - { - "version_value": "2013 RT Service Pack 1" - }, - { - "version_value": "2016 (32-bit edition)" - }, - { - "version_value": "2016 (64-bit edition)" - }, - { - "version_value": "2019 for 32-bit editions" - }, - { - "version_value": "2019 for 64-bit editions" - } - ] - } - }, - { - "product_name": "Office 365 ProPlus", - "version": { - "version_data": [ - { - "version_value": "32-bit Systems" - }, - { - "version_value": "64-bit Systems" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka \u0027Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-0671, CVE-2019-0672, CVE-2019-0674, CVE-2019-0675." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0673" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0673", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Office", + "version" : { + "version_data" : [ + { + "version_value" : "2010 Service Pack 2 (32-bit editions)" + }, + { + "version_value" : "2010 Service Pack 2 (64-bit editions)" + }, + { + "version_value" : "2013 Service Pack 1 (32-bit editions)" + }, + { + "version_value" : "2013 Service Pack 1 (64-bit editions)" + }, + { + "version_value" : "2013 RT Service Pack 1" + }, + { + "version_value" : "2016 (32-bit edition)" + }, + { + "version_value" : "2016 (64-bit edition)" + }, + { + "version_value" : "2019 for 32-bit editions" + }, + { + "version_value" : "2019 for 64-bit editions" + } + ] + } + }, + { + "product_name" : "Office 365 ProPlus", + "version" : { + "version_data" : [ + { + "version_value" : "32-bit Systems" + }, + { + "version_value" : "64-bit Systems" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0671, CVE-2019-0672, CVE-2019-0674, CVE-2019-0675." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0673", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0673" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0674.json b/2019/0xxx/CVE-2019-0674.json index 2e9622bda1c..414cfb70b5c 100644 --- a/2019/0xxx/CVE-2019-0674.json +++ b/2019/0xxx/CVE-2019-0674.json @@ -1,97 +1,99 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0674", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Office", - "version": { - "version_data": [ - { - "version_value": "2010 Service Pack 2 (32-bit editions)" - }, - { - "version_value": "2010 Service Pack 2 (64-bit editions)" - }, - { - "version_value": "2013 Service Pack 1 (32-bit editions)" - }, - { - "version_value": "2013 Service Pack 1 (64-bit editions)" - }, - { - "version_value": "2013 RT Service Pack 1" - }, - { - "version_value": "2016 (32-bit edition)" - }, - { - "version_value": "2016 (64-bit edition)" - }, - { - "version_value": "2019 for 32-bit editions" - }, - { - "version_value": "2019 for 64-bit editions" - } - ] - } - }, - { - "product_name": "Office 365 ProPlus", - "version": { - "version_data": [ - { - "version_value": "32-bit Systems" - }, - { - "version_value": "64-bit Systems" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka \u0027Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-0671, CVE-2019-0672, CVE-2019-0673, CVE-2019-0675." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0674" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0674", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Office", + "version" : { + "version_data" : [ + { + "version_value" : "2010 Service Pack 2 (32-bit editions)" + }, + { + "version_value" : "2010 Service Pack 2 (64-bit editions)" + }, + { + "version_value" : "2013 Service Pack 1 (32-bit editions)" + }, + { + "version_value" : "2013 Service Pack 1 (64-bit editions)" + }, + { + "version_value" : "2013 RT Service Pack 1" + }, + { + "version_value" : "2016 (32-bit edition)" + }, + { + "version_value" : "2016 (64-bit edition)" + }, + { + "version_value" : "2019 for 32-bit editions" + }, + { + "version_value" : "2019 for 64-bit editions" + } + ] + } + }, + { + "product_name" : "Office 365 ProPlus", + "version" : { + "version_data" : [ + { + "version_value" : "32-bit Systems" + }, + { + "version_value" : "64-bit Systems" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0671, CVE-2019-0672, CVE-2019-0673, CVE-2019-0675." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0674", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0674" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0675.json b/2019/0xxx/CVE-2019-0675.json index a368037b242..cb9127c7d87 100644 --- a/2019/0xxx/CVE-2019-0675.json +++ b/2019/0xxx/CVE-2019-0675.json @@ -1,63 +1,65 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0675", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Office", - "version": { - "version_data": [ - { - "version_value": "2010 Service Pack 2 (32-bit editions)" - }, - { - "version_value": "2010 Service Pack 2 (64-bit editions)" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka \u0027Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-0671, CVE-2019-0672, CVE-2019-0673, CVE-2019-0674." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0675" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0675", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Office", + "version" : { + "version_data" : [ + { + "version_value" : "2010 Service Pack 2 (32-bit editions)" + }, + { + "version_value" : "2010 Service Pack 2 (64-bit editions)" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0671, CVE-2019-0672, CVE-2019-0673, CVE-2019-0674." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0675", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0675" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0676.json b/2019/0xxx/CVE-2019-0676.json index 24a0d5fd5be..af59f41cb67 100644 --- a/2019/0xxx/CVE-2019-0676.json +++ b/2019/0xxx/CVE-2019-0676.json @@ -1,139 +1,141 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0676", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Internet Explorer 11", - "version": { - "version_data": [ - { - "version_value": "Windows 7 for 32-bit Systems Service Pack 1" - }, - { - "version_value": "Windows 7 for x64-based Systems Service Pack 1" - }, - { - "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value": "Windows 8.1 for 32-bit systems" - }, - { - "version_value": "Windows 8.1 for x64-based systems" - }, - { - "version_value": "Windows Server 2012 R2" - }, - { - "version_value": "Windows RT 8.1" - }, - { - "version_value": "Windows 10 for 32-bit Systems" - }, - { - "version_value": "Windows 10 for x64-based Systems" - }, - { - "version_value": "Windows Server 2016" - }, - { - "version_value": "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value": "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value": "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "Windows Server 2019" - }, - { - "version_value": "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name": "Internet Explorer 10", - "version": { - "version_data": [ - { - "version_value": "Windows Server 2012" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory.An attacker who successfully exploited this vulnerability could test for the presence of files on disk, aka \u0027Internet Explorer Information Disclosure Vulnerability\u0027." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information Disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0676" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0676", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Internet Explorer 11", + "version" : { + "version_data" : [ + { + "version_value" : "Windows 7 for 32-bit Systems Service Pack 1" + }, + { + "version_value" : "Windows 7 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value" : "Windows 8.1 for 32-bit systems" + }, + { + "version_value" : "Windows 8.1 for x64-based systems" + }, + { + "version_value" : "Windows Server 2012 R2" + }, + { + "version_value" : "Windows RT 8.1" + }, + { + "version_value" : "Windows 10 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 for x64-based Systems" + }, + { + "version_value" : "Windows Server 2016" + }, + { + "version_value" : "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value" : "Windows Server 2019" + }, + { + "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name" : "Internet Explorer 10", + "version" : { + "version_data" : [ + { + "version_value" : "Windows Server 2012" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory.An attacker who successfully exploited this vulnerability could test for the presence of files on disk, aka 'Internet Explorer Information Disclosure Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0676", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0676" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0686.json b/2019/0xxx/CVE-2019-0686.json index e8a3da08ed3..d6a10fd0248 100644 --- a/2019/0xxx/CVE-2019-0686.json +++ b/2019/0xxx/CVE-2019-0686.json @@ -1,90 +1,92 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0686", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Exchange Server 2010", - "version": { - "version_data": [ - { - "version_value": "Service Pack 3 Update Rollup 26" - } - ] - } - }, - { - "product_name": "Microsoft Exchange Server 2013", - "version": { - "version_data": [ - { - "version_value": "Cumulative Update 22" - } - ] - } - }, - { - "product_name": "Microsoft Exchange Server 2016", - "version": { - "version_data": [ - { - "version_value": "Cumulative Update 12" - } - ] - } - }, - { - "product_name": "Microsoft Exchange Server 2019", - "version": { - "version_data": [ - { - "version_value": "Cumulative Update 1" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka \u0027Microsoft Exchange Server Elevation of Privilege Vulnerability\u0027. This CVE ID is unique from CVE-2019-0724." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Elevation of Privilege" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0686" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0686", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Exchange Server 2010", + "version" : { + "version_data" : [ + { + "version_value" : "Service Pack 3 Update Rollup 26" + } + ] + } + }, + { + "product_name" : "Microsoft Exchange Server 2013", + "version" : { + "version_data" : [ + { + "version_value" : "Cumulative Update 22" + } + ] + } + }, + { + "product_name" : "Microsoft Exchange Server 2016", + "version" : { + "version_data" : [ + { + "version_value" : "Cumulative Update 12" + } + ] + } + }, + { + "product_name" : "Microsoft Exchange Server 2019", + "version" : { + "version_data" : [ + { + "version_value" : "Cumulative Update 1" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0724." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Elevation of Privilege" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0686", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0686" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0724.json b/2019/0xxx/CVE-2019-0724.json index 533ff4f3299..532817512e1 100644 --- a/2019/0xxx/CVE-2019-0724.json +++ b/2019/0xxx/CVE-2019-0724.json @@ -1,90 +1,92 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0724", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Exchange Server 2010", - "version": { - "version_data": [ - { - "version_value": "Service Pack 3 Update Rollup 26" - } - ] - } - }, - { - "product_name": "Microsoft Exchange Server 2013", - "version": { - "version_data": [ - { - "version_value": "Cumulative Update 22" - } - ] - } - }, - { - "product_name": "Microsoft Exchange Server 2016", - "version": { - "version_data": [ - { - "version_value": "Cumulative Update 12" - } - ] - } - }, - { - "product_name": "Microsoft Exchange Server 2019", - "version": { - "version_data": [ - { - "version_value": "Cumulative Update 1" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka \u0027Microsoft Exchange Server Elevation of Privilege Vulnerability\u0027. This CVE ID is unique from CVE-2019-0686." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Elevation of Privilege" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0724" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0724", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microsoft Exchange Server 2010", + "version" : { + "version_data" : [ + { + "version_value" : "Service Pack 3 Update Rollup 26" + } + ] + } + }, + { + "product_name" : "Microsoft Exchange Server 2013", + "version" : { + "version_data" : [ + { + "version_value" : "Cumulative Update 22" + } + ] + } + }, + { + "product_name" : "Microsoft Exchange Server 2016", + "version" : { + "version_data" : [ + { + "version_value" : "Cumulative Update 12" + } + ] + } + }, + { + "product_name" : "Microsoft Exchange Server 2019", + "version" : { + "version_data" : [ + { + "version_value" : "Cumulative Update 1" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0686." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Elevation of Privilege" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0724", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0724" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0728.json b/2019/0xxx/CVE-2019-0728.json index 1cf23049e70..b4386f78e9d 100644 --- a/2019/0xxx/CVE-2019-0728.json +++ b/2019/0xxx/CVE-2019-0728.json @@ -1,60 +1,62 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0728", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Visual Studio Code", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A remote code execution vulnerability exists in Visual Studio Code when it process environment variables after opening a project, aka \u0027Visual Studio Code Remote Code Execution Vulnerability\u0027." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Remote Code Execution" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0728" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0728", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Visual Studio Code", + "version" : { + "version_data" : [ + { + "version_value" : "" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists in Visual Studio Code when it process environment variables after opening a project, aka 'Visual Studio Code Remote Code Execution Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0728", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0728" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0729.json b/2019/0xxx/CVE-2019-0729.json index eab6fdcfdf8..e661ea0aeb6 100644 --- a/2019/0xxx/CVE-2019-0729.json +++ b/2019/0xxx/CVE-2019-0729.json @@ -1,60 +1,62 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0729", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Java SDK for Azure IoT", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an attacker to predict the randomness of the key, aka \u0027Azure IoT Java SDK Elevation of Privilege Vulnerability\u0027." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Elevation of Privilege" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0729" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0729", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Java SDK for Azure IoT", + "version" : { + "version_data" : [ + { + "version_value" : "" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an attacker to predict the randomness of the key, aka 'Azure IoT Java SDK Elevation of Privilege Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Elevation of Privilege" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0729", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0729" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0741.json b/2019/0xxx/CVE-2019-0741.json index 411619fc5b7..51116be3ebe 100644 --- a/2019/0xxx/CVE-2019-0741.json +++ b/2019/0xxx/CVE-2019-0741.json @@ -1,60 +1,62 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0741", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Java SDK for Azure IoT", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An information disclosure vulnerability exists in the way Azure IoT Java SDK logs sensitive information, aka \u0027Azure IoT Java SDK Information Disclosure Vulnerability\u0027." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information Disclosure" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0741" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0741", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Java SDK for Azure IoT", + "version" : { + "version_data" : [ + { + "version_value" : "" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information disclosure vulnerability exists in the way Azure IoT Java SDK logs sensitive information, aka 'Azure IoT Java SDK Information Disclosure Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0741", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0741" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0742.json b/2019/0xxx/CVE-2019-0742.json index a3707a48039..8380f31d788 100644 --- a/2019/0xxx/CVE-2019-0742.json +++ b/2019/0xxx/CVE-2019-0742.json @@ -1,60 +1,62 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0742", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Team Foundation Server 2018", - "version": { - "version_data": [ - { - "version_value": "Update 3.2" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka \u0027Team Foundation Server Cross-site Scripting Vulnerability\u0027. This CVE ID is unique from CVE-2019-0743." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Spoofing" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0742" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0742", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Team Foundation Server 2018", + "version" : { + "version_data" : [ + { + "version_value" : "Update 3.2" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0743." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Spoofing" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0742", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0742" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0743.json b/2019/0xxx/CVE-2019-0743.json index b35209856e7..dbe08af6133 100644 --- a/2019/0xxx/CVE-2019-0743.json +++ b/2019/0xxx/CVE-2019-0743.json @@ -1,60 +1,62 @@ -{ - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2019-0743", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Team Foundation Server 2018", - "version": { - "version_data": [ - { - "version_value": "Update 3.2" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka \u0027Team Foundation Server Cross-site Scripting Vulnerability\u0027. This CVE ID is unique from CVE-2019-0742." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Spoofing" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0743" - } - ] - } -} +{ + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0743", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Team Foundation Server 2018", + "version" : { + "version_data" : [ + { + "version_value" : "Update 3.2" + } + ] + } + } + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0742." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Spoofing" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0743", + "refsource" : "CONFIRM", + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0743" + } + ] + } +} diff --git a/2019/9xxx/CVE-2019-9581.json b/2019/9xxx/CVE-2019-9581.json new file mode 100644 index 00000000000..3b2a61dad28 --- /dev/null +++ b/2019/9xxx/CVE-2019-9581.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-9581", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via the Favicon field, leading to execution of arbitrary Web/custom-favicon.php PHP code, because Presenters/Admin/ManageThemePresenter.php does not ensure an image file extension." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "46486", + "refsource" : "EXPLOIT-DB", + "url" : "https://www.exploit-db.com/exploits/46486" + }, + { + "name" : "https://pentest.com.tr/exploits/Booked-2-7-5-Remote-Command-Execution-Metasploit.html", + "refsource" : "MISC", + "url" : "https://pentest.com.tr/exploits/Booked-2-7-5-Remote-Command-Execution-Metasploit.html" + }, + { + "name" : "https://sourceforge.net/p/phpscheduleit/source/ci/c5a86a279d888bd4362e4b4f61acedc054f99c39/", + "refsource" : "MISC", + "url" : "https://sourceforge.net/p/phpscheduleit/source/ci/c5a86a279d888bd4362e4b4f61acedc054f99c39/" + } + ] + } +}