admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 21:55:35 +00:00
parent 7190b90988
commit e20d1f8ede
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
52 changed files with 3886 additions and 3886 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

190
2006/2xxx/CVE-2006-2007.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2007", "ID": "CVE-2006-2007",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in Winny 2.0 b7.1 and earlier allows remote attackers to execute arbitrary code via long strings to certain commands sent to the file transfer port."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.eeye.com/html/research/advisories/AD20060421.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.eeye.com/html/research/advisories/AD20060421.html" "lang": "eng",
}, "value": "Heap-based buffer overflow in Winny 2.0 b7.1 and earlier allows remote attackers to execute arbitrary code via long strings to certain commands sent to the file transfer port."
{ }
"name" : "VU#167033", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/167033" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVN#74294680", "description": [
"refsource" : "JVN", {
"url" : "http://jvn.jp/jp/JVN%2374294680/index.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "17666", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/17666" ]
}, },
{ "references": {
"name" : "ADV-2006-1486", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1486" "name": "24883",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/24883"
"name" : "24883", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/24883" "name": "JVN#74294680",
}, "refsource": "JVN",
{ "url": "http://jvn.jp/jp/JVN%2374294680/index.html"
"name" : "19795", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19795" "name": "winny-file-transfer-bo(25986)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25986"
"name" : "winny-file-transfer-bo(25986)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25986" "name": "http://www.eeye.com/html/research/advisories/AD20060421.html",
} "refsource": "MISC",
] "url": "http://www.eeye.com/html/research/advisories/AD20060421.html"
} },
} {
"name": "17666",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17666"
},
{
"name": "VU#167033",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/167033"
},
{
"name": "19795",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19795"
},
{
"name": "ADV-2006-1486",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1486"
}
]
}
}

220
2006/2xxx/CVE-2006-2094.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2094", "ID": "CVE-2006-2094",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer before Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1, when Prompt is configured in Security Settings, uses modal dialogs to verify that a user wishes to run an ActiveX control or perform other risky actions, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking an object or pressing keys that are actually applied to a \"Yes\" approval for executing the control."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040407 Race conditions in security dialogs", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2004-07/0264.html" "lang": "eng",
}, "value": "Microsoft Internet Explorer before Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1, when Prompt is configured in Security Settings, uses modal dialogs to verify that a user wishes to run an ActiveX control or perform other risky actions, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking an object or pressing keys that are actually applied to a \"Yes\" approval for executing the control."
{ }
"name" : "20060426 Internet Explorer User Interface Races, Redeux", ]
"refsource" : "FULLDISC", },
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-04/0759.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20060427 PoC for Internet Explorer Modal Dialog Issue", "description": [
"refsource" : "FULLDISC", {
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/045589.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20060427 PoC for Internet Explorer Modal Dialog Issue", ]
"refsource" : "VULNWATCH", }
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2006-q2/0019.html" ]
}, },
{ "references": {
"name" : "http://student.missouristate.edu/m/matthew007/advisories.asp?adv=2006-02", "reference_data": [
"refsource" : "MISC", {
"url" : "http://student.missouristate.edu/m/matthew007/advisories.asp?adv=2006-02" "name": "ADV-2006-1559",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/1559"
"name" : "http://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/", },
"refsource" : "MISC", {
"url" : "http://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/" "name": "20060426 Internet Explorer User Interface Races, Redeux",
}, "refsource": "FULLDISC",
{ "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-04/0759.html"
"name" : "17713", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17713" "name": "17713",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/17713"
"name" : "ADV-2006-1559", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1559" "name": "1015720",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1015720"
"name" : "22351", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/22351" "name": "22351",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/22351"
"name" : "1015720", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015720" "name": "http://student.missouristate.edu/m/matthew007/advisories.asp?adv=2006-02",
}, "refsource": "MISC",
{ "url": "http://student.missouristate.edu/m/matthew007/advisories.asp?adv=2006-02"
"name" : "ie-modal-dialog-code-execution(26111)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26111" "name": "20060427 PoC for Internet Explorer Modal Dialog Issue",
} "refsource": "FULLDISC",
] "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/045589.html"
} },
} {
"name": "ie-modal-dialog-code-execution(26111)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26111"
},
{
"name": "20060427 PoC for Internet Explorer Modal Dialog Issue",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2006-q2/0019.html"
},
{
"name": "http://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/",
"refsource": "MISC",
"url": "http://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/"
},
{
"name": "20040407 Race conditions in security dialogs",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-07/0264.html"
}
]
}
}

170
2006/2xxx/CVE-2006-2361.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2361", "ID": "CVE-2006-2361",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in pafiledb_constants.php in Download Manager (mxBB pafiledb) integration, as used with phpBB, allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "1774", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/1774" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in pafiledb_constants.php in Download Manager (mxBB pafiledb) integration, as used with phpBB, allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter."
{ }
"name" : "17930", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/17930" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-1776", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1776" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "25507", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/25507" ]
}, },
{ "references": {
"name" : "20062", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20062" "name": "25507",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/25507"
"name" : "pafiledb-pafiledbconstants-file-include(26496)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26496" "name": "17930",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/17930"
} },
} {
"name": "20062",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20062"
},
{
"name": "1774",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/1774"
},
{
"name": "pafiledb-pafiledbconstants-file-include(26496)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26496"
},
{
"name": "ADV-2006-1776",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1776"
}
]
}
}

130
2006/2xxx/CVE-2006-2805.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2805", "ID": "CVE-2006-2805",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in VBulletin 3.0.10 allows remote attackers to execute arbitrary SQL commands via the featureid parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://downloads.securityfocus.com/vulnerabilities/exploits/vbulletin-3.0.10-sql-inj.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://downloads.securityfocus.com/vulnerabilities/exploits/vbulletin-3.0.10-sql-inj.txt" "lang": "eng",
}, "value": "SQL injection vulnerability in VBulletin 3.0.10 allows remote attackers to execute arbitrary SQL commands via the featureid parameter."
{ }
"name" : "18197", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/18197" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://downloads.securityfocus.com/vulnerabilities/exploits/vbulletin-3.0.10-sql-inj.txt",
"refsource": "MISC",
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/vbulletin-3.0.10-sql-inj.txt"
},
{
"name": "18197",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18197"
}
]
}
}

170
2006/3xxx/CVE-2006-3215.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3215", "ID": "CVE-2006-3215",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Clearswift MAILsweeper for SMTP before 4.3.20 and MAILsweeper for Exchange before 4.3.20 allows remote attackers to bypass the \"text analysis\", possibly bypassing SPAM and other filters, by sending an e-mail specifying a non-existent or unrecognized character set."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://download.mimesweeper.com/www/TechnicalDocumentation/ReadMe_MSW_4,3,20.htm", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://download.mimesweeper.com/www/TechnicalDocumentation/ReadMe_MSW_4,3,20.htm" "lang": "eng",
}, "value": "Clearswift MAILsweeper for SMTP before 4.3.20 and MAILsweeper for Exchange before 4.3.20 allows remote attackers to bypass the \"text analysis\", possibly bypassing SPAM and other filters, by sending an e-mail specifying a non-existent or unrecognized character set."
{ }
"name" : "18584", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/18584" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-2473", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/2473" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "26737", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/26737" ]
}, },
{ "references": {
"name" : "20756", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20756" "name": "26737",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/26737"
"name" : "mailsweeper-charcter-set-security-bypass(27301)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27301" "name": "http://download.mimesweeper.com/www/TechnicalDocumentation/ReadMe_MSW_4,3,20.htm",
} "refsource": "CONFIRM",
] "url": "http://download.mimesweeper.com/www/TechnicalDocumentation/ReadMe_MSW_4,3,20.htm"
} },
} {
"name": "18584",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18584"
},
{
"name": "mailsweeper-charcter-set-security-bypass(27301)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27301"
},
{
"name": "20756",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20756"
},
{
"name": "ADV-2006-2473",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2473"
}
]
}
}

160
2006/3xxx/CVE-2006-3308.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3308", "ID": "CVE-2006-3308",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the wpprop code for Project EROS bbsengine before 20060622-0315 has unknown impact and remote attack vectors via [img] tags, possibly cross-site scripting (XSS)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=427430&group_id=86388", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/project/shownotes.php?release_id=427430&group_id=86388" "lang": "eng",
}, "value": "Unspecified vulnerability in the wpprop code for Project EROS bbsengine before 20060622-0315 has unknown impact and remote attack vectors via [img] tags, possibly cross-site scripting (XSS)."
{ }
"name" : "18627", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/18627" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-2503", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/2503" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20760", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/20760" ]
}, },
{ "references": {
"name" : "project-eros-img-xss(27488)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27488" "name": "project-eros-img-xss(27488)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27488"
} },
} {
"name": "20760",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20760"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=427430&group_id=86388",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=427430&group_id=86388"
},
{
"name": "ADV-2006-2503",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2503"
},
{
"name": "18627",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18627"
}
]
}
}

150
2006/3xxx/CVE-2006-3343.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3343", "ID": "CVE-2006-3343",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in recipe/cookbook.php in CrisoftRicette 1.0pre15b allows remote attackers to execute arbitrary PHP code via a URL in the crisoftricette parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060627 CrisoftRicette<<--1.0pre15b Remote File Inclusion", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/438459/100/0/threaded" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in recipe/cookbook.php in CrisoftRicette 1.0pre15b allows remote attackers to execute arbitrary PHP code via a URL in the crisoftricette parameter."
{ }
"name" : "18674", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/18674" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1184", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1184" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "crisoftricette-cookbook-file-include(27472)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27472" ]
} },
] "references": {
} "reference_data": [
} {
"name": "crisoftricette-cookbook-file-include(27472)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27472"
},
{
"name": "1184",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1184"
},
{
"name": "20060627 CrisoftRicette<<--1.0pre15b Remote File Inclusion",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/438459/100/0/threaded"
},
{
"name": "18674",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18674"
}
]
}
}

590
2006/3xxx/CVE-2006-3677.json
View File

@ -1,297 +1,297 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3677", "ID": "CVE-2006-3677",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060727 rPSA-2006-0137-1 firefox", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/441333/100/0/threaded" "lang": "eng",
}, "value": "Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution."
{ }
"name" : "20060726 ZDI-06-025: Mozilla Firefox Javascript navigator Object Vulnerability", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/441332/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.mozilla.org/security/announce/2006/mfsa2006-45.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2006/mfsa2006-45.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-06-025.html", ]
"refsource" : "MISC", }
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-06-025.html" ]
}, },
{ "references": {
"name" : "https://issues.rpath.com/browse/RPL-536", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://issues.rpath.com/browse/RPL-536" "name": "20060726 ZDI-06-025: Mozilla Firefox Javascript navigator Object Vulnerability",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/441332/100/0/threaded"
"name" : "GLSA-200608-02", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200608-02.xml" "name": "21243",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21243"
"name" : "GLSA-200608-03", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml" "name": "RHSA-2006:0608",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2006-0608.html"
"name" : "HPSBUX02153", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/446658/100/200/threaded" "name": "GLSA-200608-02",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200608-02.xml"
"name" : "SSRT061181", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/446658/100/200/threaded" "name": "MDKSA-2006:145",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145"
"name" : "MDKSA-2006:143", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" "name": "ADV-2006-3748",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/3748"
"name" : "MDKSA-2006:145", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" "name": "iphone-mobilesafari-dos(39998)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39998"
"name" : "RHSA-2006:0608", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0608.html" "name": "19181",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/19181"
"name" : "RHSA-2006:0610", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0610.html" "name": "mozilla-javascript-navigator-code-excecution(27981)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27981"
"name" : "RHSA-2006:0611", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0611.html" "name": "TA06-208A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html"
"name" : "RHSA-2006:0609", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2006-0609.html" "name": "ADV-2006-2998",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/2998"
"name" : "RHSA-2006:0594", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0594.html" "name": "20060727 rPSA-2006-0137-1 firefox",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/441333/100/0/threaded"
"name" : "20060703-01-P", },
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" "name": "21529",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21529"
"name" : "SUSE-SA:2006:048", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html" "name": "http://www.zerodayinitiative.com/advisories/ZDI-06-025.html",
}, "refsource": "MISC",
{ "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-025.html"
"name" : "USN-327-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/327-1/" "name": "oval:org.mitre.oval:def:10745",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10745"
"name" : "USN-354-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-354-1" "name": "21216",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21216"
"name" : "TA06-208A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-208A.html" "name": "GLSA-200608-03",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml"
"name" : "VU#670060", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/670060" "name": "RHSA-2006:0594",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html"
"name" : "19181", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/19181" "name": "21336",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21336"
"name" : "19192", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/19192" "name": "RHSA-2006:0610",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html"
"name" : "oval:org.mitre.oval:def:10745", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10745" "name": "VU#670060",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/670060"
"name" : "ADV-2006-2998", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/2998" "name": "RHSA-2006:0609",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html"
"name" : "ADV-2006-3748", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3748" "name": "22210",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22210"
"name" : "ADV-2008-0083", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/0083" "name": "1016586",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1016586"
"name" : "1016586", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016586" "name": "19873",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19873"
"name" : "1016587", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016587" "name": "21262",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21262"
"name" : "19873", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19873" "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-45.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-45.html"
"name" : "21216", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21216" "name": "21532",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21532"
"name" : "21229", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21229" "name": "21270",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21270"
"name" : "21246", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21246" "name": "ADV-2008-0083",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/0083"
"name" : "21243", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21243" "name": "USN-327-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/327-1/"
"name" : "21269", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21269" "name": "21361",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21361"
"name" : "21270", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21270" "name": "21631",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21631"
"name" : "21336", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21336" "name": "SSRT061181",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
"name" : "21361", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21361" "name": "21246",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21246"
"name" : "21262", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21262" "name": "SUSE-SA:2006:048",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html"
"name" : "21343", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21343" "name": "21229",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21229"
"name" : "21529", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21529" "name": "1016587",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1016587"
"name" : "21532", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21532" "name": "HPSBUX02153",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
"name" : "21631", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21631" "name": "RHSA-2006:0611",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html"
"name" : "22210", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22210" "name": "https://issues.rpath.com/browse/RPL-536",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-536"
"name" : "22066", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22066" "name": "22066",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22066"
"name" : "mozilla-javascript-navigator-code-excecution(27981)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27981" "name": "21269",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21269"
"name" : "iphone-mobilesafari-dos(39998)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39998" "name": "21343",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/21343"
} },
} {
"name": "MDKSA-2006:143",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143"
},
{
"name": "19192",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19192"
},
{
"name": "USN-354-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-354-1"
},
{
"name": "20060703-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc"
}
]
}
}

180
2006/3xxx/CVE-2006-3819.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3819", "ID": "CVE-2006-3819",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Eval injection vulnerability in the configure script in TWiki 4.0.0 through 4.0.4 allows remote attackers to execute arbitrary Perl code via an HTTP POST request containing a parameter name starting with \"TYPEOF\"."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://twiki.org/cgi-bin/view/Codev/SecurityAlertCmdExecWithConfigure", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://twiki.org/cgi-bin/view/Codev/SecurityAlertCmdExecWithConfigure" "lang": "eng",
}, "value": "Eval injection vulnerability in the configure script in TWiki 4.0.0 through 4.0.4 allows remote attackers to execute arbitrary Perl code via an HTTP POST request containing a parameter name starting with \"TYPEOF\"."
{ }
"name" : "19188", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/19188" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-2995", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/2995" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "27556", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/displayvuln.php?osvdb_id=27556" ]
}, },
{ "references": {
"name" : "1016603", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016603" "name": "twiki-configure-command-injection(28049)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28049"
"name" : "21235", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21235" "name": "1016603",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1016603"
"name" : "twiki-configure-command-injection(28049)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28049" "name": "21235",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/21235"
} },
} {
"name": "http://twiki.org/cgi-bin/view/Codev/SecurityAlertCmdExecWithConfigure",
"refsource": "CONFIRM",
"url": "http://twiki.org/cgi-bin/view/Codev/SecurityAlertCmdExecWithConfigure"
},
{
"name": "19188",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19188"
},
{
"name": "27556",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=27556"
},
{
"name": "ADV-2006-2995",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2995"
}
]
}
}

150
2006/6xxx/CVE-2006-6146.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6146", "ID": "CVE-2006-6146",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the HPDF_Page_Circle function in hpdf_page_operator.c in Takeshi Kanno Haru Free PDF Library (libharu2, aka libharu) 2.0.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via certain arguments that yield a large amount of PDF data, as demonstrated by a filled circle."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=465886", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/project/shownotes.php?release_id=465886" "lang": "eng",
}, "value": "Buffer overflow in the HPDF_Page_Circle function in hpdf_page_operator.c in Takeshi Kanno Haru Free PDF Library (libharu2, aka libharu) 2.0.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via certain arguments that yield a large amount of PDF data, as demonstrated by a filled circle."
{ }
"name" : "http://sourceforge.net/tracker/index.php?func=detail&aid=1597538&group_id=83044&atid=568129", ]
"refsource" : "CONFIRM", },
"url" : "http://sourceforge.net/tracker/index.php?func=detail&aid=1597538&group_id=83044&atid=568129" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "21259", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/21259" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-4675", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/4675" ]
} },
] "references": {
} "reference_data": [
} {
"name": "21259",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21259"
},
{
"name": "http://sourceforge.net/tracker/index.php?func=detail&aid=1597538&group_id=83044&atid=568129",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/tracker/index.php?func=detail&aid=1597538&group_id=83044&atid=568129"
},
{
"name": "ADV-2006-4675",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4675"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=465886",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=465886"
}
]
}
}

130
2006/6xxx/CVE-2006-6163.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6163", "ID": "CVE-2006-6163",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in tiki-setup_base.php in TikiWiki before 1.9.7 allows remote attackers to inject arbitrary JavaScript via unspecified parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://tikiwiki.cvs.sourceforge.net/tikiwiki/tiki/changelog.txt?r1=1.157.2.50&r2=1.157.2.51", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://tikiwiki.cvs.sourceforge.net/tikiwiki/tiki/changelog.txt?r1=1.157.2.50&r2=1.157.2.51" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in tiki-setup_base.php in TikiWiki before 1.9.7 allows remote attackers to inject arbitrary JavaScript via unspecified parameters."
{ }
"name" : "ADV-2006-4709", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2006/4709" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://tikiwiki.cvs.sourceforge.net/tikiwiki/tiki/changelog.txt?r1=1.157.2.50&r2=1.157.2.51",
"refsource": "CONFIRM",
"url": "http://tikiwiki.cvs.sourceforge.net/tikiwiki/tiki/changelog.txt?r1=1.157.2.50&r2=1.157.2.51"
},
{
"name": "ADV-2006-4709",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4709"
}
]
}
}

120
2006/6xxx/CVE-2006-6689.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6689", "ID": "CVE-2006-6689",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in Paristemi 0.8.3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the SERVER_DIRECTORY parameter to unspecified scripts, a different vector than CVE-2006-6739. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "ADV-2006-5086", "description_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/5086" "lang": "eng",
} "value": "Multiple PHP remote file inclusion vulnerabilities in Paristemi 0.8.3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the SERVER_DIRECTORY parameter to unspecified scripts, a different vector than CVE-2006-6739. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-5086",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5086"
}
]
}
}

150
2006/6xxx/CVE-2006-6838.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6838", "ID": "CVE-2006-6838",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Rediff Bol Downloader ActiveX (OCX) control allows remote attackers to execute arbitrary files, and obtain sensitive information (usernames and pathnames), via a URL in the url vbscript parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061231 Rediff Bol Downloader Allows Downloading and Spawning Arbitary Files", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/455611/100/0/threaded" "lang": "eng",
}, "value": "Rediff Bol Downloader ActiveX (OCX) control allows remote attackers to execute arbitrary files, and obtain sensitive information (usernames and pathnames), via a URL in the url vbscript parameter."
{ }
"name" : "http://www.infogreg.com/security/misc/rediff-bol-downloader-allows-downloading-and-spawning-arbitary-files.html", ]
"refsource" : "MISC", },
"url" : "http://www.infogreg.com/security/misc/rediff-bol-downloader-allows-downloading-and-spawning-arbitary-files.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "21831", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/21831" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "2089", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/2089" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www.infogreg.com/security/misc/rediff-bol-downloader-allows-downloading-and-spawning-arbitary-files.html",
"refsource": "MISC",
"url": "http://www.infogreg.com/security/misc/rediff-bol-downloader-allows-downloading-and-spawning-arbitary-files.html"
},
{
"name": "20061231 Rediff Bol Downloader Allows Downloading and Spawning Arbitary Files",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/455611/100/0/threaded"
},
{
"name": "2089",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2089"
},
{
"name": "21831",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21831"
}
]
}
}

140
2006/6xxx/CVE-2006-6893.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6893", "ID": "CVE-2006-6893",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Tor allows remote attackers to discover the IP address of a hidden service by accessing this service at a high rate, thereby changing the server's CPU temperature and consequently changing the pattern of time values visible through (1) ICMP timestamps, (2) TCP sequence numbers, and (3) TCP timestamps, a different vulnerability than CVE-2006-0414. NOTE: it could be argued that this is a laws-of-physics vulnerability that is a fundamental design limitation of certain hardware implementations, so perhaps this issue should not be included in CVE."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://events.ccc.de/congress/2006/Fahrplan/events/1513.en.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://events.ccc.de/congress/2006/Fahrplan/events/1513.en.html" "lang": "eng",
}, "value": "Tor allows remote attackers to discover the IP address of a hidden service by accessing this service at a high rate, thereby changing the server's CPU temperature and consequently changing the pattern of time values visible through (1) ICMP timestamps, (2) TCP sequence numbers, and (3) TCP timestamps, a different vulnerability than CVE-2006-0414. NOTE: it could be argued that this is a laws-of-physics vulnerability that is a fundamental design limitation of certain hardware implementations, so perhaps this issue should not be included in CVE."
{ }
"name" : "http://www.cl.cam.ac.uk/~sjm217/papers/ccs06hotornot.pdf", ]
"refsource" : "MISC", },
"url" : "http://www.cl.cam.ac.uk/~sjm217/papers/ccs06hotornot.pdf" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.lightbluetouchpaper.org/2006/09/04/hot-or-not-revealing-hidden-services-by-their-clock-skew/", "description": [
"refsource" : "MISC", {
"url" : "http://www.lightbluetouchpaper.org/2006/09/04/hot-or-not-revealing-hidden-services-by-their-clock-skew/" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://events.ccc.de/congress/2006/Fahrplan/events/1513.en.html",
"refsource": "MISC",
"url": "http://events.ccc.de/congress/2006/Fahrplan/events/1513.en.html"
},
{
"name": "http://www.lightbluetouchpaper.org/2006/09/04/hot-or-not-revealing-hidden-services-by-their-clock-skew/",
"refsource": "MISC",
"url": "http://www.lightbluetouchpaper.org/2006/09/04/hot-or-not-revealing-hidden-services-by-their-clock-skew/"
},
{
"name": "http://www.cl.cam.ac.uk/~sjm217/papers/ccs06hotornot.pdf",
"refsource": "MISC",
"url": "http://www.cl.cam.ac.uk/~sjm217/papers/ccs06hotornot.pdf"
}
]
}
}

160
2006/6xxx/CVE-2006-6912.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6912", "ID": "CVE-2006-6912",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in phpMyFAQ 1.6.7 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the userfile or filename parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.phpmyfaq.de/advisory_2006-12-15.php", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.phpmyfaq.de/advisory_2006-12-15.php" "lang": "eng",
}, "value": "SQL injection vulnerability in phpMyFAQ 1.6.7 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the userfile or filename parameter."
{ }
"name" : "21944", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/21944" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-0077", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0077" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "23651", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/23651" ]
}, },
{ "references": {
"name" : "phpmyfaq-attachment-sql-injection(32802)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32802" "name": "23651",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/23651"
} },
} {
"name": "http://www.phpmyfaq.de/advisory_2006-12-15.php",
"refsource": "CONFIRM",
"url": "http://www.phpmyfaq.de/advisory_2006-12-15.php"
},
{
"name": "ADV-2007-0077",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0077"
},
{
"name": "phpmyfaq-attachment-sql-injection(32802)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32802"
},
{
"name": "21944",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21944"
}
]
}
}

150
2006/7xxx/CVE-2006-7161.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-7161", "ID": "CVE-2006-7161",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in giris_yap.asp in Hazir Site 2.0 allows remote attackers to bypass authentication via the (1) k_a class or (2) sifre parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061006 Hazir Site v2.0 Admin SQL Injection", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/447829/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in giris_yap.asp in Hazir Site 2.0 allows remote attackers to bypass authentication via the (1) k_a class or (2) sifre parameter."
{ }
"name" : "20375", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/20375" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "2374", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2374" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "hazir-site-giris-sql-injection(29371)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29371" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20375",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20375"
},
{
"name": "20061006 Hazir Site v2.0 Admin SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/447829/100/0/threaded"
},
{
"name": "hazir-site-giris-sql-injection(29371)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29371"
},
{
"name": "2374",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2374"
}
]
}
}

170
2011/0xxx/CVE-2011-0893.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "hp-security-alert@hp.com",
"ID" : "CVE-2011-0893", "ID": "CVE-2011-0893",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in HP Operations 9.10 on UNIX platforms allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "HPSBMA02650", "description_data": [
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=130166433409257&w=2" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in HP Operations 9.10 on UNIX platforms allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "SSRT100429", ]
"refsource" : "HP", },
"url" : "http://marc.info/?l=bugtraq&m=130166433409257&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1025281", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1025281" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "43985", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/43985" ]
}, },
{ "references": {
"name" : "8174", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/8174" "name": "8174",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/8174"
"name" : "ADV-2011-0837", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0837" "name": "HPSBMA02650",
} "refsource": "HP",
] "url": "http://marc.info/?l=bugtraq&m=130166433409257&w=2"
} },
} {
"name": "ADV-2011-0837",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0837"
},
{
"name": "SSRT100429",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=130166433409257&w=2"
},
{
"name": "43985",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43985"
},
{
"name": "1025281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025281"
}
]
}
}

120
2011/0xxx/CVE-2011-0908.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-0908", "ID": "CVE-2011-0908",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Open redirect vulnerability in Vanilla Forums before 2.0.17.6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the Target parameter to an unspecified component, a different vulnerability than CVE-2011-0526."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.vanillaforums.org/discussion/comment/134729/#Comment_134729", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.vanillaforums.org/discussion/comment/134729/#Comment_134729" "lang": "eng",
} "value": "Open redirect vulnerability in Vanilla Forums before 2.0.17.6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the Target parameter to an unspecified component, a different vulnerability than CVE-2011-0526."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vanillaforums.org/discussion/comment/134729/#Comment_134729",
"refsource": "CONFIRM",
"url": "http://www.vanillaforums.org/discussion/comment/134729/#Comment_134729"
}
]
}
}

120
2011/0xxx/CVE-2011-0920.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-0920", "ID": "CVE-2011-0920",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Remote Console in IBM Lotus Domino, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and execute arbitrary code via unspecified vectors, aka SPR PRAD89WGRS."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21461514", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21461514" "lang": "eng",
} "value": "The Remote Console in IBM Lotus Domino, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and execute arbitrary code via unspecified vectors, aka SPR PRAD89WGRS."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21461514",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21461514"
}
]
}
}

170
2011/1xxx/CVE-2011-1061.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-1061", "ID": "CVE-2011-1061",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the time parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20110221 www.eVuln.com : \"time\" SQL Injection vulnerability in WSN Guest", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/516562/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the time parameter."
{ }
"name" : "http://evuln.com/vulns/175/summary.html", ]
"refsource" : "MISC", },
"url" : "http://evuln.com/vulns/175/summary.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.org/files/view/98573/wsnguest124-sql.txt", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.org/files/view/98573/wsnguest124-sql.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "46465", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/46465" ]
}, },
{ "references": {
"name" : "8102", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/8102" "name": "8102",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/8102"
"name" : "wsnguest-index-sql-injection(65550)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65550" "name": "http://packetstormsecurity.org/files/view/98573/wsnguest124-sql.txt",
} "refsource": "MISC",
] "url": "http://packetstormsecurity.org/files/view/98573/wsnguest124-sql.txt"
} },
} {
"name": "http://evuln.com/vulns/175/summary.html",
"refsource": "MISC",
"url": "http://evuln.com/vulns/175/summary.html"
},
{
"name": "wsnguest-index-sql-injection(65550)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65550"
},
{
"name": "46465",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46465"
},
{
"name": "20110221 www.eVuln.com : \"time\" SQL Injection vulnerability in WSN Guest",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516562/100/0/threaded"
}
]
}
}

130
2011/1xxx/CVE-2011-1906.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-1906", "ID": "CVE-2011-1906",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Trustwave WebDefend Enterprise before 5.0 7.01.903-1.4 stores specific user-account credentials in a MySQL database, which makes it easier for remote attackers to read the event collection table via requests to the management port, a different vulnerability than CVE-2011-0756."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-001.txt", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-001.txt" "lang": "eng",
}, "value": "Trustwave WebDefend Enterprise before 5.0 7.01.903-1.4 stores specific user-account credentials in a MySQL database, which makes it easier for remote attackers to read the event collection table via requests to the management port, a different vulnerability than CVE-2011-0756."
{ }
"name" : "1025447", ]
"refsource" : "SECTRACK", },
"url" : "http://securitytracker.com/id?1025447" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-001.txt",
"refsource": "CONFIRM",
"url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-001.txt"
},
{
"name": "1025447",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025447"
}
]
}
}

170
2011/3xxx/CVE-2011-3099.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3099", "ID": "CVE-2011-3099",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a malformed name for the font encoding."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://code.google.com/p/chromium/issues/detail?id=124479", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://code.google.com/p/chromium/issues/detail?id=124479" "lang": "eng",
}, "value": "Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a malformed name for the font encoding."
{ }
"name" : "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html", ]
"refsource" : "CONFIRM", },
"url" : "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "53540", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/53540" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:15208", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15208" ]
}, },
{ "references": {
"name" : "1027067", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1027067" "name": "1027067",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1027067"
"name" : "chrome-corrupt-font-code-exec(75604)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75604" "name": "http://code.google.com/p/chromium/issues/detail?id=124479",
} "refsource": "CONFIRM",
] "url": "http://code.google.com/p/chromium/issues/detail?id=124479"
} },
} {
"name": "oval:org.mitre.oval:def:15208",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15208"
},
{
"name": "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html"
},
{
"name": "53540",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53540"
},
{
"name": "chrome-corrupt-font-code-exec(75604)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75604"
}
]
}
}

140
2011/3xxx/CVE-2011-3903.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2011-3903", "ID": "CVE-2011-3903",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Google Chrome before 16.0.912.63 does not properly perform regex matching, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://code.google.com/p/chromium/issues/detail?id=81753", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://code.google.com/p/chromium/issues/detail?id=81753" "lang": "eng",
}, "value": "Google Chrome before 16.0.912.63 does not properly perform regex matching, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors."
{ }
"name" : "http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html", ]
"refsource" : "CONFIRM", },
"url" : "http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:14704", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14704" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:14704",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14704"
},
{
"name": "http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=81753",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=81753"
}
]
}
}

140
2011/4xxx/CVE-2011-4033.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2011-4033", "ID": "CVE-2011-4033",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allows remote attackers to cause a denial of service via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf" "lang": "eng",
}, "value": "Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allows remote attackers to cause a denial of service via unspecified vectors."
{ }
"name" : "http://www.citect.com/index.php?option=com_content&view=article&id=1656&Itemid=1695", ]
"refsource" : "CONFIRM", },
"url" : "http://www.citect.com/index.php?option=com_content&view=article&id=1656&Itemid=1695" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page",
"refsource": "CONFIRM",
"url": "http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf"
},
{
"name": "http://www.citect.com/index.php?option=com_content&view=article&id=1656&Itemid=1695",
"refsource": "CONFIRM",
"url": "http://www.citect.com/index.php?option=com_content&view=article&id=1656&Itemid=1695"
}
]
}
}

140
2011/4xxx/CVE-2011-4686.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-4686", "ID": "CVE-2011-4686",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Web Workers implementation in Opera before 11.60 allows remote attackers to cause a denial of service (application crash) via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.opera.com/docs/changelogs/mac/1160/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.opera.com/docs/changelogs/mac/1160/" "lang": "eng",
}, "value": "Unspecified vulnerability in the Web Workers implementation in Opera before 11.60 allows remote attackers to cause a denial of service (application crash) via unknown vectors."
{ }
"name" : "http://www.opera.com/docs/changelogs/unix/1160/", ]
"refsource" : "CONFIRM", },
"url" : "http://www.opera.com/docs/changelogs/unix/1160/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.opera.com/docs/changelogs/windows/1160/", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.opera.com/docs/changelogs/windows/1160/" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.opera.com/docs/changelogs/mac/1160/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/mac/1160/"
},
{
"name": "http://www.opera.com/docs/changelogs/windows/1160/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/windows/1160/"
},
{
"name": "http://www.opera.com/docs/changelogs/unix/1160/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/unix/1160/"
}
]
}
}

34
2013/5xxx/CVE-2013-5261.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5261", "ID": "CVE-2013-5261",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

160
2013/5xxx/CVE-2013-5382.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2013-5382", "ID": "CVE-2013-5382",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote authenticated users to gain privileges via unspecified vectors, a different vulnerability than CVE-2013-5383."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21651085", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21651085" "lang": "eng",
}, "value": "IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote authenticated users to gain privileges via unspecified vectors, a different vulnerability than CVE-2013-5383."
{ }
"name" : "IV40210", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40210" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "55068", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/55068" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "55070", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/55070" ]
}, },
{ "references": {
"name" : "maximo-cve20135382-priv-esc(86933)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/86933" "name": "55070",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/55070"
} },
} {
"name": "maximo-cve20135382-priv-esc(86933)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86933"
},
{
"name": "55068",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55068"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21651085",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21651085"
},
{
"name": "IV40210",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40210"
}
]
}
}

190
2013/5xxx/CVE-2013-5720.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5720", "ID": "CVE-2013-5720",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the RTPS dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9019", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9019" "lang": "eng",
}, "value": "Buffer overflow in the RTPS dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet."
{ }
"name" : "https://www.wireshark.org/security/wnpa-sec-2013-57.html", ]
"refsource" : "CONFIRM", },
"url" : "https://www.wireshark.org/security/wnpa-sec-2013-57.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-2756", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2013/dsa-2756" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "openSUSE-SU-2013:1481", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-updates/2013-09/msg00050.html" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2013:1483", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2013-09/msg00052.html" "name": "openSUSE-SU-2013:1481",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00050.html"
"name" : "oval:org.mitre.oval:def:18416", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18416" "name": "55022",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/55022"
"name" : "54812", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/54812" "name": "https://www.wireshark.org/security/wnpa-sec-2013-57.html",
}, "refsource": "CONFIRM",
{ "url": "https://www.wireshark.org/security/wnpa-sec-2013-57.html"
"name" : "55022", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/55022" "name": "DSA-2756",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2013/dsa-2756"
} },
} {
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9019",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9019"
},
{
"name": "54812",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54812"
},
{
"name": "oval:org.mitre.oval:def:18416",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18416"
},
{
"name": "openSUSE-SU-2013:1483",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00052.html"
}
]
}
}

34
2013/5xxx/CVE-2013-5941.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5941", "ID": "CVE-2013-5941",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2013/5xxx/CVE-2013-5966.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5966", "ID": "CVE-2013-5966",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in ZK Framework before 5.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20131115 CVE-2013-5966 - XSS in ZK Framework", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0101.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in ZK Framework before 5.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "https://github.com/zkoss/zk/blob/v5.0.13/zkdoc/release-note", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/zkoss/zk/blob/v5.0.13/zkdoc/release-note" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "55690", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/55690" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20131115 CVE-2013-5966 - XSS in ZK Framework",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0101.html"
},
{
"name": "https://github.com/zkoss/zk/blob/v5.0.13/zkdoc/release-note",
"refsource": "CONFIRM",
"url": "https://github.com/zkoss/zk/blob/v5.0.13/zkdoc/release-note"
},
{
"name": "55690",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55690"
}
]
}
}

34
2014/2xxx/CVE-2014-2123.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2123", "ID": "CVE-2014-2123",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2014/2xxx/CVE-2014-2155.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2014-2155", "ID": "CVE-2014-2155",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The DHCPv6 server module in Cisco CNS Network Registrar 7.1 allows remote attackers to cause a denial of service (daemon reload) via a malformed DHCPv6 packet, aka Bug ID CSCuo07437."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=33850", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=33850" "lang": "eng",
}, "value": "The DHCPv6 server module in Cisco CNS Network Registrar 7.1 allows remote attackers to cause a denial of service (daemon reload) via a malformed DHCPv6 packet, aka Bug ID CSCuo07437."
{ }
"name" : "20140417 Cisco Network Registrar DHCPv6 Denial of Service Vulnerability", ]
"refsource" : "CISCO", },
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2155" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140417 Cisco Network Registrar DHCPv6 Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2155"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33850",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33850"
}
]
}
}

120
2014/2xxx/CVE-2014-2407.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2014-2407", "ID": "CVE-2014-2407",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2415, CVE-2014-2416, CVE-2014-2417, and CVE-2014-2418."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html" "lang": "eng",
} "value": "Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2415, CVE-2014-2416, CVE-2014-2417, and CVE-2014-2418."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
}
]
}
}

130
2014/2xxx/CVE-2014-2638.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "hp-security-alert@hp.com",
"ID" : "CVE-2014-2638", "ID": "CVE-2014-2638",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2344."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "HPSBMU03110", "description_data": [
"refsource" : "HP", {
"url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04454636" "lang": "eng",
}, "value": "Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2344."
{ }
"name" : "SSRT101587", ]
"refsource" : "HP", },
"url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04454636" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT101587",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04454636"
},
{
"name": "HPSBMU03110",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04454636"
}
]
}
}

160
2014/2xxx/CVE-2014-2808.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2014-2808", "ID": "CVE-2014-2808",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS14-051", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-051" "lang": "eng",
}, "value": "Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067."
{ }
"name" : "69103", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/69103" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1030715", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1030715" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "60670", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/60670" ]
}, },
{ "references": {
"name" : "ms-ie-cve20142808-code-exec(94971)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94971" "name": "1030715",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1030715"
} },
} {
"name": "69103",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69103"
},
{
"name": "ms-ie-cve20142808-code-exec(94971)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94971"
},
{
"name": "MS14-051",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-051"
},
{
"name": "60670",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60670"
}
]
}
}

140
2014/2xxx/CVE-2014-2959.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-2959", "ID": "CVE-2014-2959",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "logViewer.htm on the Dell ML6000 tape backup system with firmware before i8.2.0.2 (641G.GS103) and the Quantum Scalar i500 tape backup system with firmware before i8.2.2.1 (646G.GS002) allows remote attackers to execute arbitrary commands via shell metacharacters in a pathname parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "VU#124908", "description_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/124908" "lang": "eng",
}, "value": "logViewer.htm on the Dell ML6000 tape backup system with firmware before i8.2.0.2 (641G.GS103) and the Quantum Scalar i500 tape backup system with firmware before i8.2.2.1 (646G.GS002) allows remote attackers to execute arbitrary commands via shell metacharacters in a pathname parameter."
{ }
"name" : "67751", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/67751" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "59019", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/59019" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "67751",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67751"
},
{
"name": "VU#124908",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/124908"
},
{
"name": "59019",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59019"
}
]
}
}

150
2014/2xxx/CVE-2014-2988.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2988", "ID": "CVE-2014-2988",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "EGroupware Enterprise Line (EPL) before 1.1.20140505, EGroupware Community Edition before 1.8.007.20140506, and EGroupware before 14.1 beta allows remote authenticated administrators to execute arbitrary PHP code via crafted callback values to the call_user_func PHP function, as demonstrated using the newsettings[system] parameter. NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2987."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20140514 CSRF and Remote Code Execution in EGroupware", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/532103/100/0/threaded" "lang": "eng",
}, "value": "EGroupware Enterprise Line (EPL) before 1.1.20140505, EGroupware Community Edition before 1.8.007.20140506, and EGroupware before 14.1 beta allows remote authenticated administrators to execute arbitrary PHP code via crafted callback values to the call_user_func PHP function, as demonstrated using the newsettings[system] parameter. NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2987."
{ }
"name" : "https://www.htbridge.com/advisory/HTB23212", ]
"refsource" : "MISC", },
"url" : "https://www.htbridge.com/advisory/HTB23212" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://advisories.mageia.org/MGASA-2014-0221.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://advisories.mageia.org/MGASA-2014-0221.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "MDVSA-2015:087", ]
"refsource" : "MANDRIVA", }
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:087" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://advisories.mageia.org/MGASA-2014-0221.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0221.html"
},
{
"name": "MDVSA-2015:087",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:087"
},
{
"name": "https://www.htbridge.com/advisory/HTB23212",
"refsource": "MISC",
"url": "https://www.htbridge.com/advisory/HTB23212"
},
{
"name": "20140514 CSRF and Remote Code Execution in EGroupware",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/532103/100/0/threaded"
}
]
}
}

130
2014/6xxx/CVE-2014-6168.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2014-6168", "ID": "CVE-2014-6168",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in IBM Security Identity Manager 5.1 before 5.1.0.15 IF0056 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21692907", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21692907" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in IBM Security Identity Manager 5.1 before 5.1.0.15 IF0056 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences."
{ }
"name" : "ibm-sim-cve20146168-csrf(97752)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/97752" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21692907",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692907"
},
{
"name": "ibm-sim-cve20146168-csrf(97752)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97752"
}
]
}
}

130
2014/6xxx/CVE-2014-6260.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-6260", "ID": "CVE-2014-6260",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Zenoss Core through 5 Beta 3 does not require a password for modifying the pager command string, which allows remote attackers to execute arbitrary commands or cause a denial of service (paging outage) by leveraging an unattended workstation, aka ZEN-15412."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1dHAc4PxUbs-4Dxzm1wSCE0sMz5UCMY6SW3PlMHSyuuQ/edit?usp=sharing", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://docs.google.com/spreadsheets/d/1dHAc4PxUbs-4Dxzm1wSCE0sMz5UCMY6SW3PlMHSyuuQ/edit?usp=sharing" "lang": "eng",
}, "value": "Zenoss Core through 5 Beta 3 does not require a password for modifying the pager command string, which allows remote attackers to execute arbitrary commands or cause a denial of service (paging outage) by leveraging an unattended workstation, aka ZEN-15412."
{ }
"name" : "VU#449452", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/449452" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#449452",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/449452"
},
{
"name": "https://docs.google.com/spreadsheets/d/1dHAc4PxUbs-4Dxzm1wSCE0sMz5UCMY6SW3PlMHSyuuQ/edit?usp=sharing",
"refsource": "CONFIRM",
"url": "https://docs.google.com/spreadsheets/d/1dHAc4PxUbs-4Dxzm1wSCE0sMz5UCMY6SW3PlMHSyuuQ/edit?usp=sharing"
}
]
}
}

34
2014/7xxx/CVE-2014-7220.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-7220", "ID": "CVE-2014-7220",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2014/7xxx/CVE-2014-7263.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2014-7263", "ID": "CVE-2014-7263",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP header, a different vulnerability than CVE-2014-7261."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://jvn.jp/en/jp/JVN87910097/360573/index.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://jvn.jp/en/jp/JVN87910097/360573/index.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP header, a different vulnerability than CVE-2014-7261."
{ }
"name" : "JVN#87910097", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN87910097/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVNDB-2014-000146", "description": [
"refsource" : "JVNDB", {
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000146" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://jvn.jp/en/jp/JVN87910097/360573/index.html",
"refsource": "MISC",
"url": "http://jvn.jp/en/jp/JVN87910097/360573/index.html"
},
{
"name": "JVNDB-2014-000146",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000146"
},
{
"name": "JVN#87910097",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN87910097/index.html"
}
]
}
}

140
2014/7xxx/CVE-2014-7526.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-7526", "ID": "CVE-2014-7526",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Immunize Canada (aka ca.ohri.immunizeapp) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Immunize Canada (aka ca.ohri.immunizeapp) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#310577", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/310577" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#582497", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/582497" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name": "VU#310577",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/310577"
}
]
}
}

220
2014/7xxx/CVE-2014-7942.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2014-7942", "ID": "CVE-2014-7942",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Fonts implementation in Google Chrome before 40.0.2214.91 does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://googlechromereleases.blogspot.com/2015/01/stable-update.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://googlechromereleases.blogspot.com/2015/01/stable-update.html" "lang": "eng",
}, "value": "The Fonts implementation in Google Chrome before 40.0.2214.91 does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors."
{ }
"name" : "https://code.google.com/p/chromium/issues/detail?id=426762", ]
"refsource" : "CONFIRM", },
"url" : "https://code.google.com/p/chromium/issues/detail?id=426762" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201502-13", "description": [
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201502-13.xml" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2015:0093", ]
"refsource" : "REDHAT", }
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0093.html" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2015:0441", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html" "name": "62665",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/62665"
"name" : "USN-2476-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2476-1" "name": "https://code.google.com/p/chromium/issues/detail?id=426762",
}, "refsource": "CONFIRM",
{ "url": "https://code.google.com/p/chromium/issues/detail?id=426762"
"name" : "72288", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/72288" "name": "http://googlechromereleases.blogspot.com/2015/01/stable-update.html",
}, "refsource": "CONFIRM",
{ "url": "http://googlechromereleases.blogspot.com/2015/01/stable-update.html"
"name" : "1031623", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031623" "name": "62575",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/62575"
"name" : "62575", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/62575" "name": "USN-2476-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2476-1"
"name" : "62383", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/62383" "name": "72288",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/72288"
"name" : "62665", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/62665" "name": "GLSA-201502-13",
} "refsource": "GENTOO",
] "url": "http://security.gentoo.org/glsa/glsa-201502-13.xml"
} },
} {
"name": "1031623",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031623"
},
{
"name": "openSUSE-SU-2015:0441",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html"
},
{
"name": "RHSA-2015:0093",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0093.html"
},
{
"name": "62383",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62383"
}
]
}
}

140
2017/0xxx/CVE-2017-0155.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2017-0155", "ID": "CVE-2017-0155",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Windows Graphics Component", "product_name": "Windows Graphics Component",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Windows Vista SP2, Windows Server 2008 SP2, Windows Server 2008 R2 SP1, and Windows 7 SP1" "version_value": "Windows Vista SP2, Windows Server 2008 SP2, Windows Server 2008 R2 SP1, and Windows 7 SP1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Graphics component in the kernel in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka \"Windows Graphics Elevation of Privilege Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of Privilege"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0155", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0155" "lang": "eng",
}, "value": "The Graphics component in the kernel in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka \"Windows Graphics Elevation of Privilege Vulnerability.\""
{ }
"name" : "97471", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/97471" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038237", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038237" "lang": "eng",
} "value": "Elevation of Privilege"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1038237",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038237"
},
{
"name": "97471",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97471"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0155",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0155"
}
]
}
}

34
2017/0xxx/CVE-2017-0993.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-0993", "ID": "CVE-2017-0993",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

124
2017/1000xxx/CVE-2017-1000155.json
View File

@ -1,64 +1,64 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2017-08-22T17:29:33.366861", "DATE_ASSIGNED": "2017-08-22T17:29:33.366861",
"ID" : "CVE-2017-1000155", "ID": "CVE-2017-1000155",
"REQUESTER" : "info@mahara.org", "REQUESTER": "info@mahara.org",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Mahara", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "<15.04.8, <15.10.4, <16.04.2" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Mahara" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to profile pictures being accessed without any access control checks consequently allowing any of a user's uploaded profile pictures to be viewable by anyone, whether or not they were currently selected as the \"default\" or used in any pages."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Incorrect Access Control"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugs.launchpad.net/mahara/+bug/1600069", "description_data": [
"refsource" : "MISC", {
"url" : "https://bugs.launchpad.net/mahara/+bug/1600069" "lang": "eng",
} "value": "Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to profile pictures being accessed without any access control checks consequently allowing any of a user's uploaded profile pictures to be viewable by anyone, whether or not they were currently selected as the \"default\" or used in any pages."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/mahara/+bug/1600069",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/mahara/+bug/1600069"
}
]
}
}

346
2017/1xxx/CVE-2017-1124.json
View File

@ -1,175 +1,175 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2017-1124", "ID": "CVE-2017-1124",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Maximo Asset Management", "product_name": "Maximo Asset Management",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "6.2" "version_value": "6.2"
}, },
{ {
"version_value" : "7.1" "version_value": "7.1"
}, },
{ {
"version_value" : "7.5" "version_value": "7.5"
}, },
{ {
"version_value" : "7.5.0.0" "version_value": "7.5.0.0"
}, },
{ {
"version_value" : "7.5.0.10" "version_value": "7.5.0.10"
}, },
{ {
"version_value" : "7.1.0.0" "version_value": "7.1.0.0"
}, },
{ {
"version_value" : "6.2.0.0" "version_value": "6.2.0.0"
}, },
{ {
"version_value" : "7.2" "version_value": "7.2"
}, },
{ {
"version_value" : "7.1.1" "version_value": "7.1.1"
}, },
{ {
"version_value" : "7.1.2" "version_value": "7.1.2"
}, },
{ {
"version_value" : "7.2.1" "version_value": "7.2.1"
}, },
{ {
"version_value" : "6.2.1" "version_value": "6.2.1"
}, },
{ {
"version_value" : "6.2.2" "version_value": "6.2.2"
}, },
{ {
"version_value" : "6.2.3" "version_value": "6.2.3"
}, },
{ {
"version_value" : "6.2.4" "version_value": "6.2.4"
}, },
{ {
"version_value" : "6.2.5" "version_value": "6.2.5"
}, },
{ {
"version_value" : "6.2.6" "version_value": "6.2.6"
}, },
{ {
"version_value" : "6.2.7" "version_value": "6.2.7"
}, },
{ {
"version_value" : "6.2.8" "version_value": "6.2.8"
}, },
{ {
"version_value" : "7.1.1.1" "version_value": "7.1.1.1"
}, },
{ {
"version_value" : "7.1.1.10" "version_value": "7.1.1.10"
}, },
{ {
"version_value" : "7.1.1.11" "version_value": "7.1.1.11"
}, },
{ {
"version_value" : "7.1.1.12" "version_value": "7.1.1.12"
}, },
{ {
"version_value" : "7.1.1.2" "version_value": "7.1.1.2"
}, },
{ {
"version_value" : "7.1.1.5" "version_value": "7.1.1.5"
}, },
{ {
"version_value" : "7.1.1.6" "version_value": "7.1.1.6"
}, },
{ {
"version_value" : "7.1.1.7" "version_value": "7.1.1.7"
}, },
{ {
"version_value" : "7.1.1.8" "version_value": "7.1.1.8"
}, },
{ {
"version_value" : "7.1.1.9" "version_value": "7.1.1.9"
}, },
{ {
"version_value" : "7.5.0.1" "version_value": "7.5.0.1"
}, },
{ {
"version_value" : "7.5.0.2" "version_value": "7.5.0.2"
}, },
{ {
"version_value" : "7.5.0.3" "version_value": "7.5.0.3"
}, },
{ {
"version_value" : "7.5.0.4" "version_value": "7.5.0.4"
}, },
{ {
"version_value" : "7.5.0.5" "version_value": "7.5.0.5"
}, },
{ {
"version_value" : "7.6" "version_value": "7.6"
}, },
{ {
"version_value" : "7.5.0" "version_value": "7.5.0"
}, },
{ {
"version_value" : "7.6.0" "version_value": "7.6.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM Corporation" "vendor_name": "IBM Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local attacker to obtain sensitive information using HTTP Header Injection. IBM Reference #: 1998053."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21998053", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21998053" "lang": "eng",
}, "value": "IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local attacker to obtain sensitive information using HTTP Header Injection. IBM Reference #: 1998053."
{ }
"name" : "96536", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/96536" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21998053",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998053"
},
{
"name": "96536",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96536"
}
]
}
}

170
2017/5xxx/CVE-2017-5102.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@google.com",
"ID" : "CVE-2017-5102", "ID": "CVE-2017-5102",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux and Android", "product_name": "Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux and Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux and Android" "version_value": "Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux and Android"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Uninitialized Use"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html" "lang": "eng",
}, "value": "Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page."
{ }
"name" : "https://crbug.com/727678", ]
"refsource" : "MISC", },
"url" : "https://crbug.com/727678" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3926", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2017/dsa-3926" "lang": "eng",
}, "value": "Uninitialized Use"
{ }
"name" : "GLSA-201709-15", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201709-15" ]
}, },
{ "references": {
"name" : "RHSA-2017:1833", "reference_data": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1833" "name": "https://crbug.com/727678",
}, "refsource": "MISC",
{ "url": "https://crbug.com/727678"
"name" : "99950", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/99950" "name": "GLSA-201709-15",
} "refsource": "GENTOO",
] "url": "https://security.gentoo.org/glsa/201709-15"
} },
} {
"name": "DSA-3926",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3926"
},
{
"name": "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html",
"refsource": "MISC",
"url": "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html"
},
{
"name": "99950",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99950"
},
{
"name": "RHSA-2017:1833",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1833"
}
]
}
}

34
2017/5xxx/CVE-2017-5322.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-5322", "ID": "CVE-2017-5322",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

274
2017/5xxx/CVE-2017-5446.json
View File

@ -1,139 +1,139 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@mozilla.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2017-5446", "ID": "CVE-2017-5446",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Thunderbird", "product_name": "Thunderbird",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "52.1" "version_value": "52.1"
} }
] ]
} }
}, },
{ {
"product_name" : "Firefox ESR", "product_name": "Firefox ESR",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "45.9" "version_value": "45.9"
}, },
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "52.1" "version_value": "52.1"
} }
] ]
} }
}, },
{ {
"product_name" : "Firefox", "product_name": "Firefox",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "53" "version_value": "53"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Mozilla" "vendor_name": "Mozilla"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An out-of-bounds read when an HTTP/2 connection to a servers sends \"DATA\" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1343505", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1343505" "lang": "eng",
}, "value": "An out-of-bounds read when an HTTP/2 connection to a servers sends \"DATA\" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53."
{ }
"name" : "https://www.mozilla.org/security/advisories/mfsa2017-10/", ]
"refsource" : "CONFIRM", },
"url" : "https://www.mozilla.org/security/advisories/mfsa2017-10/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.mozilla.org/security/advisories/mfsa2017-11/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.mozilla.org/security/advisories/mfsa2017-11/" "lang": "eng",
}, "value": "Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data"
{ }
"name" : "https://www.mozilla.org/security/advisories/mfsa2017-12/", ]
"refsource" : "CONFIRM", }
"url" : "https://www.mozilla.org/security/advisories/mfsa2017-12/" ]
}, },
{ "references": {
"name" : "https://www.mozilla.org/security/advisories/mfsa2017-13/", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.mozilla.org/security/advisories/mfsa2017-13/" "name": "RHSA-2017:1106",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:1106"
"name" : "DSA-3831", },
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2017/dsa-3831" "name": "https://www.mozilla.org/security/advisories/mfsa2017-12/",
}, "refsource": "CONFIRM",
{ "url": "https://www.mozilla.org/security/advisories/mfsa2017-12/"
"name" : "RHSA-2017:1104", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1104" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1343505",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1343505"
"name" : "RHSA-2017:1106", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1106" "name": "https://www.mozilla.org/security/advisories/mfsa2017-11/",
}, "refsource": "CONFIRM",
{ "url": "https://www.mozilla.org/security/advisories/mfsa2017-11/"
"name" : "RHSA-2017:1201", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1201" "name": "https://www.mozilla.org/security/advisories/mfsa2017-10/",
}, "refsource": "CONFIRM",
{ "url": "https://www.mozilla.org/security/advisories/mfsa2017-10/"
"name" : "97940", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/97940" "name": "97940",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/97940"
"name" : "1038320", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038320" "name": "DSA-3831",
} "refsource": "DEBIAN",
] "url": "https://www.debian.org/security/2017/dsa-3831"
} },
} {
"name": "https://www.mozilla.org/security/advisories/mfsa2017-13/",
"refsource": "CONFIRM",
"url": "https://www.mozilla.org/security/advisories/mfsa2017-13/"
},
{
"name": "1038320",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038320"
},
{
"name": "RHSA-2017:1104",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1104"
},
{
"name": "RHSA-2017:1201",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1201"
}
]
}
}

140
2017/5xxx/CVE-2017-5583.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-5583", "ID": "CVE-2017-5583",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Management Web Interface in Palo Alto Networks PAN-OS before 6.1.16, 7.0.x before 7.0.13, and 7.1.x before 7.1.8 allows remote authenticated users to read arbitrary files via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://securityadvisories.paloaltonetworks.com/Home/Detail/75", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://securityadvisories.paloaltonetworks.com/Home/Detail/75" "lang": "eng",
}, "value": "The Management Web Interface in Palo Alto Networks PAN-OS before 6.1.16, 7.0.x before 7.0.13, and 7.1.x before 7.1.8 allows remote authenticated users to read arbitrary files via unspecified vectors."
{ }
"name" : "96370", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/96370" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037890", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037890" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/75",
"refsource": "CONFIRM",
"url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/75"
},
{
"name": "96370",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96370"
},
{
"name": "1037890",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037890"
}
]
}
}

34
2017/5xxx/CVE-2017-5730.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-5730", "ID": "CVE-2017-5730",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }