admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 22:09:32 +00:00
parent 31d1eda3cf
commit e24928df41
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
47 changed files with 3277 additions and 3277 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

160
2005/0xxx/CVE-2005-0288.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0288", "ID": "CVE-2005-0288",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The change password functionality in Bottomline Webseries Payment Application does not require the old password when users enter a new password, which could allow remote authenticated users to change other users' passwords."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050110 Portcullis Security Advisory 05-008", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=110549684319400&w=2" "lang": "eng",
}, "value": "The change password functionality in Bottomline Webseries Payment Application does not require the old password when users enter a new password, which could allow remote authenticated users to change other users' passwords."
{ }
"name" : "12231", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/12231" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1012854", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1012854" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "13821", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/13821" ]
}, },
{ "references": {
"name" : "webseries-pa-password-gain-access(18860)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18860" "name": "1012854",
} "refsource": "SECTRACK",
] "url": "http://securitytracker.com/id?1012854"
} },
} {
"name": "webseries-pa-password-gain-access(18860)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18860"
},
{
"name": "20050110 Portcullis Security Advisory 05-008",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=110549684319400&w=2"
},
{
"name": "12231",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12231"
},
{
"name": "13821",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13821"
}
]
}
}

34
2005/0xxx/CVE-2005-0466.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0466", "ID": "CVE-2005-0466",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2005/0xxx/CVE-2005-0776.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0776", "ID": "CVE-2005-0776",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "adm-photo.php in PhotoPost PHP 5.0 RC3 does not properly verify administrative privileges before manipulating photos, which could allow remote attackers to manipulate other users' photos."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050311 PhotoPost PHP 5.0 RC3, and later, multiple vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=111065868402859&w=2" "lang": "eng",
}, "value": "adm-photo.php in PhotoPost PHP 5.0 RC3 does not properly verify administrative privileges before manipulating photos, which could allow remote attackers to manipulate other users' photos."
{ }
"name" : "12779", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/12779" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "14576", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/14576" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "photopost-image-modification(19677)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19677" ]
} },
] "references": {
} "reference_data": [
} {
"name": "12779",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12779"
},
{
"name": "20050311 PhotoPost PHP 5.0 RC3, and later, multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111065868402859&w=2"
},
{
"name": "photopost-image-modification(19677)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19677"
},
{
"name": "14576",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14576"
}
]
}
}

130
2005/0xxx/CVE-2005-0851.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0851", "ID": "CVE-2005-0851",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "FileZilla FTP server before 0.9.6, when using MODE Z (zlib compression), allows remote attackers to cause a denial of service (infinite loop) via certain file uploads or directory listings."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sourceforge.net/project/shownotes.php?group_id=21558&release_id=314473", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/project/shownotes.php?group_id=21558&release_id=314473" "lang": "eng",
}, "value": "FileZilla FTP server before 0.9.6, when using MODE Z (zlib compression), allows remote attackers to cause a denial of service (infinite loop) via certain file uploads or directory listings."
{ }
"name" : "12865", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/12865" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://sourceforge.net/project/shownotes.php?group_id=21558&release_id=314473",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?group_id=21558&release_id=314473"
},
{
"name": "12865",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12865"
}
]
}
}

140
2005/1xxx/CVE-2005-1066.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1066", "ID": "CVE-2005-1066",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Race condition in rpdump in Pine 4.62 and earlier allows local users to overwrite arbitrary files via a symlink attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050411 rpdump TOCTOU file-permissions vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://msgs.securepoint.com/cgi-bin/get/bugtraq0504/126.html" "lang": "eng",
}, "value": "Race condition in rpdump in Pine 4.62 and earlier allows local users to overwrite arbitrary files via a symlink attack."
{ }
"name" : "15456", ]
"refsource" : "OSVDB", },
"url" : "http://www.osvdb.org/15456" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "14899", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/14899" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20050411 rpdump TOCTOU file-permissions vulnerability",
"refsource": "BUGTRAQ",
"url": "http://msgs.securepoint.com/cgi-bin/get/bugtraq0504/126.html"
},
{
"name": "14899",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14899"
},
{
"name": "15456",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/15456"
}
]
}
}

300
2005/1xxx/CVE-2005-1987.json
View File

@ -1,152 +1,152 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2005-1987", "ID": "CVE-2005-1987",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the \"Content-Type\" string."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20051012 [SEC-1 Advisory] Collaboration Data Objects Buffer Overflow Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=112915118302012&w=2" "lang": "eng",
}, "value": "Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the \"Content-Type\" string."
{ }
"name" : "20051012 [SEC-1 Advisory] Collaboration Data Objects Buffer Overflow Vulnerability", ]
"refsource" : "FULLDISC", },
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0289.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MS05-048", "description": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-048" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "Q907245", ]
"refsource" : "MSKB", }
"url" : "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q907245" ]
}, },
{ "references": {
"name" : "TA05-284A", "reference_data": [
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA05-284A.html" "name": "19905",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/19905"
"name" : "VU#883460", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/883460" "name": "Q907245",
}, "refsource": "MSKB",
{ "url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q907245"
"name" : "15067", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/15067" "name": "oval:org.mitre.oval:def:581",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A581"
"name" : "19905", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/19905" "name": "oval:org.mitre.oval:def:1406",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1406"
"name" : "oval:org.mitre.oval:def:1130", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1130" "name": "VU#883460",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/883460"
"name" : "oval:org.mitre.oval:def:1201", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1201" "name": "oval:org.mitre.oval:def:848",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A848"
"name" : "oval:org.mitre.oval:def:1406", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1406" "name": "oval:org.mitre.oval:def:1515",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1515"
"name" : "oval:org.mitre.oval:def:1420", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1420" "name": "win-cdo-bo(22495)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22495"
"name" : "oval:org.mitre.oval:def:1515", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1515" "name": "17167",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17167"
"name" : "oval:org.mitre.oval:def:581", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A581" "name": "15067",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/15067"
"name" : "oval:org.mitre.oval:def:848", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A848" "name": "oval:org.mitre.oval:def:1420",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1420"
"name" : "1015038", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015038" "name": "MS05-048",
}, "refsource": "MS",
{ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-048"
"name" : "1015039", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015039" "name": "oval:org.mitre.oval:def:1201",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1201"
"name" : "17167", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17167" "name": "oval:org.mitre.oval:def:1130",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1130"
"name" : "win-cdo-bo(22495)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22495" "name": "TA05-284A",
} "refsource": "CERT",
] "url": "http://www.us-cert.gov/cas/techalerts/TA05-284A.html"
} },
} {
"name": "1015038",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015038"
},
{
"name": "20051012 [SEC-1 Advisory] Collaboration Data Objects Buffer Overflow Vulnerability",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0289.html"
},
{
"name": "20051012 [SEC-1 Advisory] Collaboration Data Objects Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=112915118302012&w=2"
},
{
"name": "1015039",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015039"
}
]
}
}

210
2005/3xxx/CVE-2005-3420.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3420", "ID": "CVE-2005-3420",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "usercp_register.php in phpBB 2.0.17 allows remote attackers to modify regular expressions and execute PHP code via the signature_bbcode_uid parameter, as demonstrated by injecting an \"e\" modifier into a preg_replace statement."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20051031 Advisory 17/2005: phpBB Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=113081113317600&w=2" "lang": "eng",
}, "value": "usercp_register.php in phpBB 2.0.17 allows remote attackers to modify regular expressions and execute PHP code via the signature_bbcode_uid parameter, as demonstrated by injecting an \"e\" modifier into a preg_replace statement."
{ }
"name" : "http://www.hardened-php.net/advisory_172005.75.html", ]
"refsource" : "MISC", },
"url" : "http://www.hardened-php.net/advisory_172005.75.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-925", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2005/dsa-925" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "15243", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/15243" ]
}, },
{ "references": {
"name" : "ADV-2005-2250", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/2250" "name": "ADV-2005-2250",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2005/2250"
"name" : "20391", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/20391" "name": "20051031 Advisory 17/2005: phpBB Multiple Vulnerabilities",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=113081113317600&w=2"
"name" : "1015121", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015121" "name": "DSA-925",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2005/dsa-925"
"name" : "17366", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17366" "name": "17366",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17366"
"name" : "18098", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18098" "name": "130",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/130"
"name" : "130", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/130" "name": "18098",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/18098"
} },
} {
"name": "http://www.hardened-php.net/advisory_172005.75.html",
"refsource": "MISC",
"url": "http://www.hardened-php.net/advisory_172005.75.html"
},
{
"name": "20391",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20391"
},
{
"name": "1015121",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015121"
},
{
"name": "15243",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15243"
}
]
}
}

34
2005/4xxx/CVE-2005-4097.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2005-4097", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2005-4097",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none."
} }
] ]
} }
} }

150
2005/4xxx/CVE-2005-4194.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4194", "ID": "CVE-2005-4194",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in MediaServerList.exe in Sights 'n Sounds Streaming Media Server 2.0.3.a allows remote attackers to cause a denial of service (application crash) via a long query string."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ipomonis.com/advisories/sws.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.ipomonis.com/advisories/sws.txt" "lang": "eng",
}, "value": "Buffer overflow in MediaServerList.exe in Sights 'n Sounds Streaming Media Server 2.0.3.a allows remote attackers to cause a denial of service (application crash) via a long query string."
{ }
"name" : "15809", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/15809" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2005-2841", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/2841" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "17998", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/17998" ]
} },
] "references": {
} "reference_data": [
} {
"name": "ADV-2005-2841",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2841"
},
{
"name": "http://www.ipomonis.com/advisories/sws.txt",
"refsource": "MISC",
"url": "http://www.ipomonis.com/advisories/sws.txt"
},
{
"name": "15809",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15809"
},
{
"name": "17998",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17998"
}
]
}
}

140
2005/4xxx/CVE-2005-4368.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4368", "ID": "CVE-2005-4368",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "roundcube webmail Alpha, with a default high verbose level ($rcmail_config['debug_level'] = 1), allows remote attackers to obtain the full path of the application via an invalid_task parameter, which leaks the path in an error message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20051217 Fullpath disclosure in roundcube webmail", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/418851/100/0/threaded" "lang": "eng",
}, "value": "roundcube webmail Alpha, with a default high verbose level ($rcmail_config['debug_level'] = 1), allows remote attackers to obtain the full path of the application via an invalid_task parameter, which leaks the path in an error message."
{ }
"name" : "20051217 Re: Fullpath disclosure in roundcube webmail", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/419710/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20060117 Re: Fullpath disclosure in roundcube webmail", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/422168/100/0/threaded" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20060117 Re: Fullpath disclosure in roundcube webmail",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/422168/100/0/threaded"
},
{
"name": "20051217 Re: Fullpath disclosure in roundcube webmail",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/419710/100/0/threaded"
},
{
"name": "20051217 Fullpath disclosure in roundcube webmail",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/418851/100/0/threaded"
}
]
}
}

130
2005/4xxx/CVE-2005-4457.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4457", "ID": "CVE-2005-4457",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "MailEnable Enterprise 1.1 before patch ME-10009 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via several \"...\" (triple dot) sequences in a UID FETCH command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20051220 [ACSSEC-2005-11-27-0x2] Remote Overflows in Mailenable Enterprise 1.1 / Professional 1.7", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/lists/fulldisclosure/2005/Dec/1036.html" "lang": "eng",
}, "value": "MailEnable Enterprise 1.1 before patch ME-10009 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via several \"...\" (triple dot) sequences in a UID FETCH command."
{ }
"name" : "18134", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/18134" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18134",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18134"
},
{
"name": "20051220 [ACSSEC-2005-11-27-0x2] Remote Overflows in Mailenable Enterprise 1.1 / Professional 1.7",
"refsource": "FULLDISC",
"url": "http://seclists.org/lists/fulldisclosure/2005/Dec/1036.html"
}
]
}
}

140
2005/4xxx/CVE-2005-4685.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4685", "ID": "CVE-2005-4685",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Firefox and Mozilla can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by the user, or steal a cookie for an expanded hostname, as demonstrated by an attacker who operates an ap1.com Internet web site to steal cookies associated with an ap1.com.example.com intranet web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20051104 Browser cookie handling: possible cross-domain cookie sharing", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0123.html" "lang": "eng",
}, "value": "Firefox and Mozilla can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by the user, or steal a cookie for an expanded hostname, as demonstrated by an attacker who operates an ap1.com Internet web site to steal cookies associated with an ap1.com.example.com intranet web site."
{ }
"name" : "15331", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/15331" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "konqueror-cookie-information-disclosure(25291)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25291" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "15331",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15331"
},
{
"name": "20051104 Browser cookie handling: possible cross-domain cookie sharing",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0123.html"
},
{
"name": "konqueror-cookie-information-disclosure(25291)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25291"
}
]
}
}

170
2009/0xxx/CVE-2009-0170.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0170", "ID": "CVE-2009-0170",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Sun Java System Access Manager 6.3 2005Q1, 7 2005Q4, and 7.1 allows remote authenticated users with console privileges to discover passwords, and obtain unspecified other \"access to resources,\" by visiting the Configuration Items component in the console."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-02-1", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-02-1" "lang": "eng",
}, "value": "Sun Java System Access Manager 6.3 2005Q1, 7 2005Q4, and 7.1 allows remote authenticated users with console privileges to discover passwords, and obtain unspecified other \"access to resources,\" by visiting the Configuration Items component in the console."
{ }
"name" : "242166", ]
"refsource" : "SUNALERT", },
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-242166-1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "33265", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/33265" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2009-0156", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2009/0156" ]
}, },
{ "references": {
"name" : "1021605", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1021605" "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-02-1",
}, "refsource": "CONFIRM",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-02-1"
"name" : "sun-jsam-password-info-disclosure(47942)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47942" "name": "33265",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/33265"
} },
} {
"name": "1021605",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021605"
},
{
"name": "242166",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-242166-1"
},
{
"name": "sun-jsam-password-info-disclosure(47942)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47942"
},
{
"name": "ADV-2009-0156",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0156"
}
]
}
}

590
2009/0xxx/CVE-2009-0352.json
View File

@ -1,297 +1,297 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2009-0352", "ID": "CVE-2009-0352",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and destruction of arbitrary layout objects by the nsViewManager::Composite function."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2009/mfsa2009-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2009/mfsa2009-01.html" "lang": "eng",
}, "value": "Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and destruction of arbitrary layout objects by the nsViewManager::Composite function."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=331088", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=331088" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=401042", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=401042" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=416461", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=416461" ]
}, },
{ "references": {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=420697", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=420697" "name": "SUSE-SA:2009:023",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html"
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=421839", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=421839" "name": "33808",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33808"
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=422283", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=422283" "name": "ADV-2009-0313",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2009/0313"
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=422301", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=422301" "name": "DSA-1830",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2009/dsa-1830"
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=431705", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=431705" "name": "SUSE-SA:2009:009",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00001.html"
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=437142", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=437142" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=431705",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=431705"
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=449006", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=449006" "name": "FEDORA-2009-3101",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01077.html"
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=461027", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=461027" "name": "33809",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33809"
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2009-040.htm", },
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2009-040.htm" "name": "MDVSA-2009:044",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:044"
"name" : "DSA-1830", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2009/dsa-1830" "name": "RHSA-2009:0256",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2009-0256.html"
"name" : "FEDORA-2009-1399", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00240.html" "name": "http://www.mozilla.org/security/announce/2009/mfsa2009-01.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-01.html"
"name" : "FEDORA-2009-2882", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html" "name": "SSA:2009-083-02",
}, "refsource": "SLACKWARE",
{ "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.405420"
"name" : "FEDORA-2009-2884", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=437142",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=437142"
"name" : "FEDORA-2009-3101", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01077.html" "name": "oval:org.mitre.oval:def:10699",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10699"
"name" : "MDVSA-2009:044", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:044" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=416461",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=416461"
"name" : "MDVSA-2009:083", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:083" "name": "http://support.avaya.com/elmodocs2/security/ASA-2009-040.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-040.htm"
"name" : "RHSA-2009:0256", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2009-0256.html" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=422283",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=422283"
"name" : "RHSA-2009:0257", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2009-0257.html" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=421839",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=421839"
"name" : "RHSA-2009:0258", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2009-0258.html" "name": "33831",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33831"
"name" : "SSA:2009-083-02", },
"refsource" : "SLACKWARE", {
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.405420" "name": "RHSA-2009:0258",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2009-0258.html"
"name" : "SSA:2009-083-03", },
"refsource" : "SLACKWARE", {
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.433952" "name": "MDVSA-2009:083",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:083"
"name" : "SUSE-SA:2009:023", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html" "name": "1021663",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1021663"
"name" : "SUSE-SA:2009:009", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00001.html" "name": "34464",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/34464"
"name" : "USN-717-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-717-1" "name": "34417",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/34417"
"name" : "USN-741-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/741-1/" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=331088",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=331088"
"name" : "33598", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/33598" "name": "33841",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33841"
"name" : "oval:org.mitre.oval:def:10699", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10699" "name": "34527",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/34527"
"name" : "33802", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33802" "name": "33816",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33816"
"name" : "33831", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33831" "name": "33846",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33846"
"name" : "33841", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33841" "name": "33799",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33799"
"name" : "33846", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33846" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=401042",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=401042"
"name" : "34387", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34387" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=422301",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=422301"
"name" : "34324", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34324" "name": "FEDORA-2009-2882",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html"
"name" : "34417", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34417" "name": "RHSA-2009:0257",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2009-0257.html"
"name" : "34462", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34462" "name": "FEDORA-2009-2884",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html"
"name" : "34464", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34464" "name": "SSA:2009-083-03",
}, "refsource": "SLACKWARE",
{ "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.433952"
"name" : "34527", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34527" "name": "34462",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/34462"
"name" : "ADV-2009-0313", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/0313" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=420697",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=420697"
"name" : "1021663", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1021663" "name": "33598",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/33598"
"name" : "33799", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33799" "name": "USN-741-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/741-1/"
"name" : "33808", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33808" "name": "FEDORA-2009-1399",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00240.html"
"name" : "33809", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33809" "name": "33802",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33802"
"name" : "33816", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33816" "name": "34324",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/34324"
"name" : "33869", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33869" "name": "33869",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/33869"
} },
} {
"name": "USN-717-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-717-1"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=449006",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=449006"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=461027",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=461027"
},
{
"name": "34387",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34387"
}
]
}
}

380
2009/0xxx/CVE-2009-0355.json
View File

@ -1,192 +1,192 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2009-0355", "ID": "CVE-2009-0355",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type=\"file\" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2009/mfsa2009-03.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2009/mfsa2009-03.html" "lang": "eng",
}, "value": "components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type=\"file\" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=466937", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=466937" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2009-040.htm", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2009-040.htm" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2009-1399", ]
"refsource" : "FEDORA", }
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00240.html" ]
}, },
{ "references": {
"name" : "FEDORA-2009-2882", "reference_data": [
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html" "name": "33808",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33808"
"name" : "FEDORA-2009-2884", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html" "name": "ADV-2009-0313",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2009/0313"
"name" : "MDVSA-2009:044", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:044" "name": "SUSE-SA:2009:009",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00001.html"
"name" : "RHSA-2009:0256", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2009-0256.html" "name": "33809",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33809"
"name" : "RHSA-2009:0257", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2009-0257.html" "name": "MDVSA-2009:044",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:044"
"name" : "RHSA-2009:0258", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2009-0258.html" "name": "RHSA-2009:0256",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2009-0256.html"
"name" : "SUSE-SA:2009:009", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00001.html" "name": "http://support.avaya.com/elmodocs2/security/ASA-2009-040.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-040.htm"
"name" : "USN-717-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-717-1" "name": "33831",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33831"
"name" : "USN-717-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-717-2" "name": "oval:org.mitre.oval:def:9161",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9161"
"name" : "33598", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/33598" "name": "USN-717-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-717-2"
"name" : "oval:org.mitre.oval:def:9161", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9161" "name": "RHSA-2009:0258",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2009-0258.html"
"name" : "33831", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33831" "name": "http://www.mozilla.org/security/announce/2009/mfsa2009-03.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-03.html"
"name" : "33841", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33841" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=466937",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=466937"
"name" : "33846", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33846" "name": "34417",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/34417"
"name" : "34324", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34324" "name": "33841",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33841"
"name" : "34417", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34417" "name": "33816",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33816"
"name" : "ADV-2009-0313", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/0313" "name": "33846",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33846"
"name" : "1021665", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1021665" "name": "33799",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33799"
"name" : "33799", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33799" "name": "FEDORA-2009-2882",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html"
"name" : "33808", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33808" "name": "RHSA-2009:0257",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2009-0257.html"
"name" : "33809", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33809" "name": "FEDORA-2009-2884",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html"
"name" : "33816", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33816" "name": "33598",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/33598"
"name" : "33869", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33869" "name": "FEDORA-2009-1399",
} "refsource": "FEDORA",
] "url": "https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00240.html"
} },
} {
"name": "34324",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34324"
},
{
"name": "33869",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33869"
},
{
"name": "USN-717-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-717-1"
},
{
"name": "1021665",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021665"
}
]
}
}

180
2009/1xxx/CVE-2009-1178.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1178", "ID": "CVE-2009-1178",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the server in IBM Tivoli Storage Manager (TSM) 5.3.x before 5.3.2 and 6.x before 6.1 has unknown impact and attack vectors related to the \"admin command line.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21246076", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21246076" "lang": "eng",
}, "value": "Unspecified vulnerability in the server in IBM Tivoli Storage Manager (TSM) 5.3.x before 5.3.2 and 6.x before 6.1 has unknown impact and attack vectors related to the \"admin command line.\""
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21375360", ]
"refsource" : "CONFIRM", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21375360" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "IC46744", "description": [
"refsource" : "AIXAPAR", {
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1IC46744" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "34285", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/34285" ]
}, },
{ "references": {
"name" : "1021945", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1021945" "name": "ADV-2009-0881",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2009/0881"
"name" : "34498", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34498" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21375360",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21375360"
"name" : "ADV-2009-0881", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/0881" "name": "IC46744",
} "refsource": "AIXAPAR",
] "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IC46744"
} },
} {
"name": "34285",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34285"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21246076",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21246076"
},
{
"name": "34498",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34498"
},
{
"name": "1021945",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1021945"
}
]
}
}

140
2009/1xxx/CVE-2009-1509.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1509", "ID": "CVE-2009-1509",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in ajaxp_backend.php in MyioSoft AjaxPortal 3.0 allows remote attackers to execute arbitrary SQL commands via the page parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "8341", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/8341" "lang": "eng",
}, "value": "SQL injection vulnerability in ajaxp_backend.php in MyioSoft AjaxPortal 3.0 allows remote attackers to execute arbitrary SQL commands via the page parameter."
{ }
"name" : "34338", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/34338" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "34529", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34529" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "34529",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34529"
},
{
"name": "8341",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8341"
},
{
"name": "34338",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34338"
}
]
}
}

180
2009/3xxx/CVE-2009-3073.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2009-3073", "ID": "CVE-2009-3073",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2009/mfsa2009-47.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2009/mfsa2009-47.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=507292", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=507292" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "SUSE-SA:2009:048", "description": [
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2009_48_firefox.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "36343", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/36343" ]
}, },
{ "references": {
"name" : "oval:org.mitre.oval:def:6398", "reference_data": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6398" "name": "36343",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/36343"
"name" : "36671", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36671" "name": "SUSE-SA:2009:048",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2009_48_firefox.html"
"name" : "37098", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37098" "name": "oval:org.mitre.oval:def:6398",
} "refsource": "OVAL",
] "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6398"
} },
} {
"name": "36671",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36671"
},
{
"name": "http://www.mozilla.org/security/announce/2009/mfsa2009-47.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2009/mfsa2009-47.html"
},
{
"name": "37098",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37098"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=507292",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=507292"
}
]
}
}

34
2009/3xxx/CVE-2009-3870.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2009-3870", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2009-3870",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-3870. Reason: This candidate is a duplicate of CVE-2008-3870. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2008-3870 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-3870. Reason: This candidate is a duplicate of CVE-2008-3870. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2008-3870 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

200
2009/3xxx/CVE-2009-3891.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2009-3891", "ID": "CVE-2009-3891",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in wp-admin/press-this.php in WordPress before 2.8.6 allows remote authenticated users to inject arbitrary web script or HTML via the s parameter (aka the selection variable)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20091115 CVE request: Wordpress 2.8.6", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2009/11/15/2" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in wp-admin/press-this.php in WordPress before 2.8.6 allows remote authenticated users to inject arbitrary web script or HTML via the s parameter (aka the selection variable)."
{ }
"name" : "[oss-security] 20091115 Re: CVE request: Wordpress 2.8.6", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2009/11/15/3" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20091116 Re: CVE request: Wordpress 2.8.6", "description": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2009/11/16/1" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://core.trac.wordpress.org/attachment/ticket/11119/press-this-xss-bug-11-10-2009.patch", ]
"refsource" : "CONFIRM", }
"url" : "http://core.trac.wordpress.org/attachment/ticket/11119/press-this-xss-bug-11-10-2009.patch" ]
}, },
{ "references": {
"name" : "http://core.trac.wordpress.org/attachment/ticket/11119/press-this.002.diff", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://core.trac.wordpress.org/attachment/ticket/11119/press-this.002.diff" "name": "37332",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/37332"
"name" : "http://core.trac.wordpress.org/ticket/11119", },
"refsource" : "CONFIRM", {
"url" : "http://core.trac.wordpress.org/ticket/11119" "name": "[oss-security] 20091116 Re: CVE request: Wordpress 2.8.6",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2009/11/16/1"
"name" : "http://wordpress.org/development/2009/11/wordpress-2-8-6-security-release/", },
"refsource" : "CONFIRM", {
"url" : "http://wordpress.org/development/2009/11/wordpress-2-8-6-security-release/" "name": "http://wordpress.org/development/2009/11/wordpress-2-8-6-security-release/",
}, "refsource": "CONFIRM",
{ "url": "http://wordpress.org/development/2009/11/wordpress-2-8-6-security-release/"
"name" : "59959", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/59959" "name": "59959",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/59959"
"name" : "37332", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37332" "name": "[oss-security] 20091115 Re: CVE request: Wordpress 2.8.6",
} "refsource": "MLIST",
] "url": "http://www.openwall.com/lists/oss-security/2009/11/15/3"
} },
} {
"name": "http://core.trac.wordpress.org/ticket/11119",
"refsource": "CONFIRM",
"url": "http://core.trac.wordpress.org/ticket/11119"
},
{
"name": "http://core.trac.wordpress.org/attachment/ticket/11119/press-this-xss-bug-11-10-2009.patch",
"refsource": "CONFIRM",
"url": "http://core.trac.wordpress.org/attachment/ticket/11119/press-this-xss-bug-11-10-2009.patch"
},
{
"name": "[oss-security] 20091115 CVE request: Wordpress 2.8.6",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/11/15/2"
},
{
"name": "http://core.trac.wordpress.org/attachment/ticket/11119/press-this.002.diff",
"refsource": "CONFIRM",
"url": "http://core.trac.wordpress.org/attachment/ticket/11119/press-this.002.diff"
}
]
}
}

140
2009/4xxx/CVE-2009-4186.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4186", "ID": "CVE-2009-4186",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack consumption vulnerability in Apple Safari 4.0.3 on Windows allows remote attackers to cause a denial of service (application crash) via a long URI value (aka url) in the Cascading Style Sheets (CSS) background property."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "10102", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/10102" "lang": "eng",
}, "value": "Stack consumption vulnerability in Apple Safari 4.0.3 on Windows allows remote attackers to cause a denial of service (application crash) via a long URI value (aka url) in the Cascading Style Sheets (CSS) background property."
{ }
"name" : "37039", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/37039" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "safari-css-property-bo(54487)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54487" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "safari-css-property-bo(54487)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54487"
},
{
"name": "10102",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/10102"
},
{
"name": "37039",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37039"
}
]
}
}

140
2009/4xxx/CVE-2009-4252.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4252", "ID": "CVE-2009-4252",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in images.php in Image Hosting Script DPI 1.1 Final (1.1F) allows remote attackers to inject arbitrary web script or HTML via the date parameter. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "10300", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/10300" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in images.php in Image Hosting Script DPI 1.1 Final (1.1F) allows remote attackers to inject arbitrary web script or HTML via the date parameter. NOTE: some of these details are obtained from third party information."
{ }
"name" : "http://www.clixint.com/support/viewtopic.php?f=3&t=542", ]
"refsource" : "CONFIRM", },
"url" : "http://www.clixint.com/support/viewtopic.php?f=3&t=542" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "37456", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37456" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.clixint.com/support/viewtopic.php?f=3&t=542",
"refsource": "CONFIRM",
"url": "http://www.clixint.com/support/viewtopic.php?f=3&t=542"
},
{
"name": "10300",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/10300"
},
{
"name": "37456",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37456"
}
]
}
}

140
2009/4xxx/CVE-2009-4611.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4611", "ID": "CVE-2009-4611",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mort Bay Jetty 6.x and 7.0.0 writes backtrace data without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator, related to (1) a string value in the Age parameter to the default URI for the Cookie Dump Servlet in test-jetty-webapp/src/main/java/com/acme/CookieDump.java under cookie/, (2) an alphabetic value in the A parameter to jsp/expr.jsp, or (3) an alphabetic value in the Content-Length HTTP header to an arbitrary application."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20100110 Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/508830/100/0/threaded" "lang": "eng",
}, "value": "Mort Bay Jetty 6.x and 7.0.0 writes backtrace data without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator, related to (1) a string value in the Age parameter to the default URI for the Cookie Dump Servlet in test-jetty-webapp/src/main/java/com/acme/CookieDump.java under cookie/, (2) an alphabetic value in the A parameter to jsp/expr.jsp, or (3) an alphabetic value in the Content-Length HTTP header to an arbitrary application."
{ }
"name" : "http://www.ush.it/team/ush/hack-jetty6x7x/jetty-adv.txt", ]
"refsource" : "MISC", },
"url" : "http://www.ush.it/team/ush/hack-jetty6x7x/jetty-adv.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.ush.it/team/ush/hack_httpd_escape/adv.txt", "description": [
"refsource" : "MISC", {
"url" : "http://www.ush.it/team/ush/hack_httpd_escape/adv.txt" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.ush.it/team/ush/hack-jetty6x7x/jetty-adv.txt",
"refsource": "MISC",
"url": "http://www.ush.it/team/ush/hack-jetty6x7x/jetty-adv.txt"
},
{
"name": "http://www.ush.it/team/ush/hack_httpd_escape/adv.txt",
"refsource": "MISC",
"url": "http://www.ush.it/team/ush/hack_httpd_escape/adv.txt"
},
{
"name": "20100110 Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/508830/100/0/threaded"
}
]
}
}

160
2009/4xxx/CVE-2009-4649.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4649", "ID": "CVE-2009-4649",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in geccBBlite 0.1 allow remote attackers to inject arbitrary web script or HTML via the postatoda parameter to (1) rispondi.php and (2) scrivi.php, which is not properly handled in forum.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://groups.csail.mit.edu/pag/ardilla/", "description_data": [
"refsource" : "MISC", {
"url" : "http://groups.csail.mit.edu/pag/ardilla/" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in geccBBlite 0.1 allow remote attackers to inject arbitrary web script or HTML via the postatoda parameter to (1) rispondi.php and (2) scrivi.php, which is not properly handled in forum.php."
{ }
"name" : "http://groups.csail.mit.edu/pag/ardilla/geccbblite-XSS2-lenient-T.txt", ]
"refsource" : "MISC", },
"url" : "http://groups.csail.mit.edu/pag/ardilla/geccbblite-XSS2-lenient-T.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://groups.csail.mit.edu/pag/ardilla/geccbblite-XSS2-strict-T.txt", "description": [
"refsource" : "MISC", {
"url" : "http://groups.csail.mit.edu/pag/ardilla/geccbblite-XSS2-strict-T.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "35449", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/35449" ]
}, },
{ "references": {
"name" : "geccbblite-postatoda-xss(56278)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56278" "name": "http://groups.csail.mit.edu/pag/ardilla/",
} "refsource": "MISC",
] "url": "http://groups.csail.mit.edu/pag/ardilla/"
} },
} {
"name": "geccbblite-postatoda-xss(56278)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56278"
},
{
"name": "http://groups.csail.mit.edu/pag/ardilla/geccbblite-XSS2-strict-T.txt",
"refsource": "MISC",
"url": "http://groups.csail.mit.edu/pag/ardilla/geccbblite-XSS2-strict-T.txt"
},
{
"name": "http://groups.csail.mit.edu/pag/ardilla/geccbblite-XSS2-lenient-T.txt",
"refsource": "MISC",
"url": "http://groups.csail.mit.edu/pag/ardilla/geccbblite-XSS2-lenient-T.txt"
},
{
"name": "35449",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35449"
}
]
}
}

130
2009/4xxx/CVE-2009-4789.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4789", "ID": "CVE-2009-4789",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in the MojoBlog component RC 0.15 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) wp-comments-post.php and (2) wp-trackback.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.org/0912-exploits/joomlamojoblog-rfi.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.org/0912-exploits/joomlamojoblog-rfi.txt" "lang": "eng",
}, "value": "Multiple PHP remote file inclusion vulnerabilities in the MojoBlog component RC 0.15 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) wp-comments-post.php and (2) wp-trackback.php."
{ }
"name" : "37179", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/37179" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "37179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37179"
},
{
"name": "http://packetstormsecurity.org/0912-exploits/joomlamojoblog-rfi.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0912-exploits/joomlamojoblog-rfi.txt"
}
]
}
}

130
2012/2xxx/CVE-2012-2042.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2012-2042", "ID": "CVE-2012-2042",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0780, CVE-2012-2023, CVE-2012-2024, CVE-2012-2025, and CVE-2012-2026."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.adobe.com/support/security/bulletins/apsb12-10.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.adobe.com/support/security/bulletins/apsb12-10.html" "lang": "eng",
}, "value": "Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0780, CVE-2012-2023, CVE-2012-2024, CVE-2012-2025, and CVE-2012-2026."
{ }
"name" : "1027047", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id?1027047" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.adobe.com/support/security/bulletins/apsb12-10.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb12-10.html"
},
{
"name": "1027047",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027047"
}
]
}
}

140
2012/2xxx/CVE-2012-2169.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2012-2169", "ID": "CVE-2012-2169",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the file-upload functionality in the Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 allows remote authenticated users to inject arbitrary web script or HTML via the File Description field."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21607783", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21607783" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the file-upload functionality in the Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 allows remote authenticated users to inject arbitrary web script or HTML via the File Description field."
{ }
"name" : "PM62762", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PM62762" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "rcq-filedesc-xss(75049)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75049" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "PM62762",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM62762"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21607783",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21607783"
},
{
"name": "rcq-filedesc-xss(75049)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75049"
}
]
}
}

34
2012/2xxx/CVE-2012-2732.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2012-2732", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2012-2732",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-2021. Reason: This candidate is a duplicate of CVE-2010-2021. Notes: All CVE users should reference CVE-2010-2021 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-2021. Reason: This candidate is a duplicate of CVE-2010-2021. Notes: All CVE users should reference CVE-2010-2021 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

130
2012/6xxx/CVE-2012-6498.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-6498", "ID": "CVE-2012-6498",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unrestricted file upload vulnerability in index.php in Atomymaxsite 2.5 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file, as exploited in the wild in October 2012."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://thaicert.or.th/alerts/admin/2012/al2012ad025.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://thaicert.or.th/alerts/admin/2012/al2012ad025.html" "lang": "eng",
}, "value": "Unrestricted file upload vulnerability in index.php in Atomymaxsite 2.5 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file, as exploited in the wild in October 2012."
{ }
"name" : "http://www.youtube.com/watch?v=CfvTCSS3LGY", ]
"refsource" : "MISC", },
"url" : "http://www.youtube.com/watch?v=CfvTCSS3LGY" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.youtube.com/watch?v=CfvTCSS3LGY",
"refsource": "MISC",
"url": "http://www.youtube.com/watch?v=CfvTCSS3LGY"
},
{
"name": "http://thaicert.or.th/alerts/admin/2012/al2012ad025.html",
"refsource": "MISC",
"url": "http://thaicert.or.th/alerts/admin/2012/al2012ad025.html"
}
]
}
}

140
2015/0xxx/CVE-2015-0532.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2015-0532", "ID": "CVE-2015-0532",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "EMC RSA Identity Management and Governance (IMG) 6.9 before P04 and 6.9.1 before P01 does not properly restrict password resets, which allows remote attackers to obtain access via crafted use of the reset process for an arbitrary valid account name, as demonstrated by a privileged account."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150429 ESA-2015-078: RSA Identity Management and Governance (IMG) Insecure Password Reset Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://seclists.org/bugtraq/2015/Apr/204" "lang": "eng",
}, "value": "EMC RSA Identity Management and Governance (IMG) 6.9 before P04 and 6.9.1 before P01 does not properly restrict password resets, which allows remote attackers to obtain access via crafted use of the reset process for an arbitrary valid account name, as demonstrated by a privileged account."
{ }
"name" : "http://packetstormsecurity.com/files/131710/RSA-IMG-6.9-6.9.1-Insecure-Password-Reset.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/131710/RSA-IMG-6.9-6.9.1-Insecure-Password-Reset.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1032218", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032218" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20150429 ESA-2015-078: RSA Identity Management and Governance (IMG) Insecure Password Reset Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2015/Apr/204"
},
{
"name": "1032218",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032218"
},
{
"name": "http://packetstormsecurity.com/files/131710/RSA-IMG-6.9-6.9.1-Insecure-Password-Reset.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/131710/RSA-IMG-6.9-6.9.1-Insecure-Password-Reset.html"
}
]
}
}

34
2015/1xxx/CVE-2015-1316.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-1316", "ID": "CVE-2015-1316",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

160
2015/1xxx/CVE-2015-1783.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-1783", "ID": "CVE-2015-1783",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The prefix variable in the get_or_define_ns function in Lasso before commit 6d854cef4211cdcdbc7446c978f23ab859847cdd allows remote attackers to cause a denial of service (uninitialized memory access and application crash) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://repos.entrouvert.org/lasso.git/commit/lasso/xml?id=6d854cef4211cdcdbc7446c978f23ab859847cdd", "description_data": [
"refsource" : "MISC", {
"url" : "https://repos.entrouvert.org/lasso.git/commit/lasso/xml?id=6d854cef4211cdcdbc7446c978f23ab859847cdd" "lang": "eng",
}, "value": "The prefix variable in the get_or_define_ns function in Lasso before commit 6d854cef4211cdcdbc7446c978f23ab859847cdd allows remote attackers to cause a denial of service (uninitialized memory access and application crash) via unspecified vectors."
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1199925", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1199925" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "FEDORA-2015-4807", "description": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154355.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2015-4821", ]
"refsource" : "FEDORA", }
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155382.html" ]
}, },
{ "references": {
"name" : "FEDORA-2015-4848", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154321.html" "name": "https://repos.entrouvert.org/lasso.git/commit/lasso/xml?id=6d854cef4211cdcdbc7446c978f23ab859847cdd",
} "refsource": "MISC",
] "url": "https://repos.entrouvert.org/lasso.git/commit/lasso/xml?id=6d854cef4211cdcdbc7446c978f23ab859847cdd"
} },
} {
"name": "FEDORA-2015-4807",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154355.html"
},
{
"name": "FEDORA-2015-4821",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155382.html"
},
{
"name": "FEDORA-2015-4848",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154321.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1199925",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1199925"
}
]
}
}

140
2015/5xxx/CVE-2015-5057.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-5057", "ID": "CVE-2015-5057",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability exists in the Wordpress admin panel when the Broken Link Checker plugin before 1.10.9 is installed."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150624 Re: CVE Request for Wordpress-Plugin Broken Link Checker v1.10.8: Persistent XSS in admin panel enabled by modified headers", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/06/25/1" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability exists in the Wordpress admin panel when the Broken Link Checker plugin before 1.10.9 is installed."
{ }
"name" : "https://wordpress.org/plugins/broken-link-checker/#developers", ]
"refsource" : "MISC", },
"url" : "https://wordpress.org/plugins/broken-link-checker/#developers" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "75421", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/75421" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/broken-link-checker/#developers",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/broken-link-checker/#developers"
},
{
"name": "[oss-security] 20150624 Re: CVE Request for Wordpress-Plugin Broken Link Checker v1.10.8: Persistent XSS in admin panel enabled by modified headers",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/06/25/1"
},
{
"name": "75421",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75421"
}
]
}
}

150
2015/5xxx/CVE-2015-5163.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-5163", "ID": "CVE-2015-5163",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The import task action in OpenStack Image Service (Glance) 2015.1.x before 2015.1.2 (kilo), when using the V2 API, allows remote authenticated users to read arbitrary files via a crafted backing file for a qcow2 image."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[openstack-announce] 20150813 [OSSA 2015-014] Glance v2 API host file disclosure through qcow2 backing file (CVE-2015-5163)", "description_data": [
"refsource" : "MLIST", {
"url" : "http://lists.openstack.org/pipermail/openstack-announce/2015-August/000527.html" "lang": "eng",
}, "value": "The import task action in OpenStack Image Service (Glance) 2015.1.x before 2015.1.2 (kilo), when using the V2 API, allows remote authenticated users to read arbitrary files via a crafted backing file for a qcow2 image."
{ }
"name" : "https://bugs.launchpad.net/glance/+bug/1471912", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.launchpad.net/glance/+bug/1471912" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2015:1639", "description": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1639.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "76346", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/76346" ]
} },
] "references": {
} "reference_data": [
} {
"name": "RHSA-2015:1639",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1639.html"
},
{
"name": "[openstack-announce] 20150813 [OSSA 2015-014] Glance v2 API host file disclosure through qcow2 backing file (CVE-2015-5163)",
"refsource": "MLIST",
"url": "http://lists.openstack.org/pipermail/openstack-announce/2015-August/000527.html"
},
{
"name": "76346",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76346"
},
{
"name": "https://bugs.launchpad.net/glance/+bug/1471912",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/glance/+bug/1471912"
}
]
}
}

150
2015/5xxx/CVE-2015-5696.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-5696", "ID": "CVE-2015-5696",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Dell Netvault Backup before 10.0.5 allows remote attackers to cause a denial of service (crash) via a crafted request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150730 Dell Netvault Backup Remote Denial of Service", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/536111/100/0/threaded" "lang": "eng",
}, "value": "Dell Netvault Backup before 10.0.5 allows remote attackers to cause a denial of service (crash) via a crafted request."
{ }
"name" : "37739", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/37739/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/132928/Dell-Netvault-Backup-10.0.1.24-Denial-Of-Service.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/132928/Dell-Netvault-Backup-10.0.1.24-Denial-Of-Service.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1033145", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1033145" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://packetstormsecurity.com/files/132928/Dell-Netvault-Backup-10.0.1.24-Denial-Of-Service.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132928/Dell-Netvault-Backup-10.0.1.24-Denial-Of-Service.html"
},
{
"name": "1033145",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033145"
},
{
"name": "20150730 Dell Netvault Backup Remote Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536111/100/0/threaded"
},
{
"name": "37739",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37739/"
}
]
}
}

148
2018/1002xxx/CVE-2018-1002006.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "larry0@me.com", "ASSIGNER": "larry0@me.com",
"DATE_ASSIGNED" : "2018-08-22", "DATE_ASSIGNED": "2018-08-22",
"ID" : "CVE-2018-1002006", "ID": "CVE-2018-1002006",
"REQUESTER" : "kurt@seifried.org", "REQUESTER": "kurt@seifried.org",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"UPDATED" : "2017-08-10T14:41Z" "UPDATED": "2017-08-10T14:41Z"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Arigato Autoresponder and Newsletter", "product_name": "Arigato Autoresponder and Newsletter",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<=", "version_affected": "<=",
"version_value" : "2.5.1.8" "version_value": "2.5.1.8"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Kiboko Labs https://calendarscripts.info/" "vendor_name": "Kiboko Labs https://calendarscripts.info/"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:14: via POST request variable classes"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Blind SQL injection and multiple reflected XSS vulnerabilities in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "45434", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/45434/" "lang": "eng",
}, "value": "These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:14: via POST request variable classes"
{ }
"name" : "http://www.vapidlabs.com/advisory.php?v=203", ]
"refsource" : "MISC", },
"url" : "http://www.vapidlabs.com/advisory.php?v=203" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://wordpress.org/plugins/bft-autoresponder/", "description": [
"refsource" : "MISC", {
"url" : "https://wordpress.org/plugins/bft-autoresponder/" "lang": "eng",
} "value": "Blind SQL injection and multiple reflected XSS vulnerabilities in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "45434",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"name": "https://wordpress.org/plugins/bft-autoresponder/",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"name": "http://www.vapidlabs.com/advisory.php?v=203",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
]
}
}

34
2018/3xxx/CVE-2018-3486.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-3486", "ID": "CVE-2018-3486",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/3xxx/CVE-2018-3793.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-3793", "ID": "CVE-2018-3793",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/3xxx/CVE-2018-3796.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-3796", "ID": "CVE-2018-3796",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2018/7xxx/CVE-2018-7169.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7169", "ID": "CVE-2018-7169",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used \"group blacklisting\" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", "description_data": [
"refsource" : "MISC", {
"url" : "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357" "lang": "eng",
}, "value": "An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used \"group blacklisting\" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation."
{ }
"name" : "GLSA-201805-09", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201805-09" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357"
},
{
"name": "GLSA-201805-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201805-09"
}
]
}
}

130
2018/7xxx/CVE-2018-7263.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7263", "ID": "CVE-2018-7263",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The mad_decoder_run() function in decoder.c in Underbit libmad through 0.15.1b allows remote attackers to cause a denial of service (SIGABRT because of double free or corruption) or possibly have unspecified other impact via a crafted file. NOTE: this may overlap CVE-2017-11552."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870608", "description_data": [
"refsource" : "MISC", {
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870608" "lang": "eng",
}, "value": "The mad_decoder_run() function in decoder.c in Underbit libmad through 0.15.1b allows remote attackers to cause a denial of service (SIGABRT because of double free or corruption) or possibly have unspecified other impact via a crafted file. NOTE: this may overlap CVE-2017-11552."
{ }
"name" : "https://bugzilla.suse.com/show_bug.cgi?id=1081784", ]
"refsource" : "MISC", },
"url" : "https://bugzilla.suse.com/show_bug.cgi?id=1081784" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1081784",
"refsource": "MISC",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1081784"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870608",
"refsource": "MISC",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870608"
}
]
}
}

34
2018/7xxx/CVE-2018-7622.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7622", "ID": "CVE-2018-7622",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/7xxx/CVE-2018-7840.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7840", "ID": "CVE-2018-7840",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

170
2018/8xxx/CVE-2018-8119.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2018-8119", "ID": "CVE-2018-8119",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "C# SDK", "product_name": "C# SDK",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Azure IoT" "version_value": "Azure IoT"
} }
] ]
} }
}, },
{ {
"product_name" : "C SDK", "product_name": "C SDK",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Azure IoT" "version_value": "Azure IoT"
} }
] ]
} }
}, },
{ {
"product_name" : "Java SDK", "product_name": "Java SDK",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Azure IoT" "version_value": "Azure IoT"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol, aka \"Azure IoT SDK Spoofing Vulnerability.\" This affects C# SDK, C SDK, Java SDK."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8119", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8119" "lang": "eng",
}, "value": "A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol, aka \"Azure IoT SDK Spoofing Vulnerability.\" This affects C# SDK, C SDK, Java SDK."
{ }
"name" : "104070", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/104070" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8119",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8119"
},
{
"name": "104070",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104070"
}
]
}
}

142
2018/8xxx/CVE-2018-8854.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "ics-cert@hq.dhs.gov", "ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC" : "2018-08-31T00:00:00", "DATE_PUBLIC": "2018-08-31T00:00:00",
"ID" : "CVE-2018-8854", "ID": "CVE-2018-8854",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "e-Alert Unit (non-medical device)", "product_name": "e-Alert Unit (non-medical device)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "R2.1 and prior" "version_value": "R2.1 and prior"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Philips" "vendor_name": "Philips"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software does not properly restrict the size or amount of resources requested or influenced by an actor, which can be used to consume more resources than intended."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "UNCONTROLLED RESOURCE CONSUMPTION ('RESOURCE EXHAUSTION') CWE-400"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-242-01", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-242-01" "lang": "eng",
}, "value": "Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software does not properly restrict the size or amount of resources requested or influenced by an actor, which can be used to consume more resources than intended."
{ }
"name" : "https://www.usa.philips.com/healthcare/about/customer-support/product-security", ]
"refsource" : "CONFIRM", },
"url" : "https://www.usa.philips.com/healthcare/about/customer-support/product-security" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "105194", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/105194" "lang": "eng",
} "value": "UNCONTROLLED RESOURCE CONSUMPTION ('RESOURCE EXHAUSTION') CWE-400"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://www.usa.philips.com/healthcare/about/customer-support/product-security",
"refsource": "CONFIRM",
"url": "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
},
{
"name": "105194",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105194"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-242-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-242-01"
}
]
}
}

34
2018/8xxx/CVE-2018-8983.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-8983", "ID": "CVE-2018-8983",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2018/8xxx/CVE-2018-8997.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-8997", "ID": "CVE-2018-8997",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002004."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/D0neMkj/POC_BSOD/tree/master/Windows%20Optimization%20master/0xf1002004", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/D0neMkj/POC_BSOD/tree/master/Windows%20Optimization%20master/0xf1002004" "lang": "eng",
} "value": "In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002004."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/D0neMkj/POC_BSOD/tree/master/Windows%20Optimization%20master/0xf1002004",
"refsource": "MISC",
"url": "https://github.com/D0neMkj/POC_BSOD/tree/master/Windows%20Optimization%20master/0xf1002004"
}
]
}
}