From e444f6e30033daea9ccea31cdba3202b18c6bfb8 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 2 Feb 2023 19:02:00 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2006/7xxx/CVE-2006-7196.json | 366 +++++++++++++++----- 2006/7xxx/CVE-2006-7227.json | 334 +++++++++--------- 2008/2xxx/CVE-2008-2939.json | 594 ++++++++++++++++++++------------- 2023/23xxx/CVE-2023-23110.json | 40 +++ 4 files changed, 856 insertions(+), 478 deletions(-) diff --git a/2006/7xxx/CVE-2006-7196.json b/2006/7xxx/CVE-2006-7196.json index 6c5c71d0318..f984a72a290 100644 --- a/2006/7xxx/CVE-2006-7196.json +++ b/2006/7xxx/CVE-2006-7196.json @@ -1,40 +1,17 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2006-7196", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly unspecified other vectors. NOTE: this may be related to CVE-2006-0254.1." + "value": "CVE-2006-7196 tomcat XSS in example webapps" } ] }, @@ -44,113 +21,324 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "Red Hat Network Satellite Server v 4.2", + "version": { + "version_data": [ + { + "version_value": "0:2.0s10-3.38.rhn", + "version_affected": "!" + }, + { + "version_value": "0:1.4.2.10-1jpp.2.el4", + "version_affected": "!" + }, + { + "version_value": "0:0.9.20-3.rhn", + "version_affected": "!" + }, + { + "version_value": "0:2.1.30-11.RHEL4.6", + "version_affected": "!" + }, + { + "version_value": "0:2.24-1.el4", + "version_affected": "!" + }, + { + "version_value": "0:1.3.27-36.rhn.rhel4", + "version_affected": "!" + }, + { + "version_value": "0:1.2.23-2rhn.rhel4", + "version_affected": "!" + }, + { + "version_value": "0:1.29-16.rhel4", + "version_affected": "!" + }, + { + "version_value": "0:2.8.12-8.rhn.10.rhel4", + "version_affected": "!" + }, + { + "version_value": "0:5.0.30-0jpp_10rh", + "version_affected": "!" + } + ] + } + }, + { + "product_name": "Red Hat Network Satellite Server v 4.2 (RHEL3)", + "version": { + "version_data": [ + { + "version_value": "0:2.0s10-3.37.rhn", + "version_affected": "!" + }, + { + "version_value": "0:1.4.2.10-1jpp.2.el3", + "version_affected": "!" + }, + { + "version_value": "0:0.9.20-3.rhn", + "version_affected": "!" + }, + { + "version_value": "0:2.1.30-9.RHEL3.8", + "version_affected": "!" + }, + { + "version_value": "0:2.24-1.el3", + "version_affected": "!" + }, + { + "version_value": "0:1.3.27-36.rhn.rhel3", + "version_affected": "!" + }, + { + "version_value": "0:1.2.23-2rhn.rhel3", + "version_affected": "!" + }, + { + "version_value": "0:1.29-16.rhel3", + "version_affected": "!" + }, + { + "version_value": "0:2.8.12-8.rhn.10.rhel3", + "version_affected": "!" + }, + { + "version_value": "0:5.0.30-0jpp_10rh", + "version_affected": "!" + } + ] + } + }, + { + "product_name": "Red Hat Network Satellite Server v 5.0", + "version": { + "version_data": [ + { + "version_value": "0:2.0s10-3.38.rhn", + "version_affected": "!" + }, + { + "version_value": "0:1.4.2.10-1jpp.2.el4", + "version_affected": "!" + }, + { + "version_value": "0:0.9.20-3.rhn", + "version_affected": "!" + }, + { + "version_value": "0:2.1.30-11.RHEL4.6", + "version_affected": "!" + }, + { + "version_value": "0:2.24-1.el4", + "version_affected": "!" + }, + { + "version_value": "0:1.3.27-36.rhn.rhel4", + "version_affected": "!" + }, + { + "version_value": "0:1.2.23-2rhn.rhel4", + "version_affected": "!" + }, + { + "version_value": "0:1.29-16.rhel4", + "version_affected": "!" + }, + { + "version_value": "0:2.8.12-8.rhn.10.rhel4", + "version_affected": "!" + }, + { + "version_value": "0:5.0.30-0jpp_10rh", + "version_affected": "!" + } + ] + } + }, + { + "product_name": "RHAPS Version 1 for RHEL 3", + "version": { + "version_data": [ + { + "version_value": "0:5.0.30-0jpp_5rh", + "version_affected": "!" + } + ] + } + }, + { + "product_name": "RHAPS Version 2 for RHEL 4", + "version": { + "version_data": [ + { + "version_value": "0:2.0-3jpp_2rh", + "version_affected": "!" + }, + { + "version_value": "0:5.5.23-0jpp_4rh.3", + "version_affected": "!" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "http://tomcat.apache.org/security-4.html", - "refsource": "CONFIRM", - "url": "http://tomcat.apache.org/security-4.html" + "url": "http://tomcat.apache.org/security-4.html", + "refsource": "MISC", + "name": "http://tomcat.apache.org/security-4.html" }, { - "name": "34888", - "refsource": "OSVDB", - "url": "http://osvdb.org/34888" + "url": "http://tomcat.apache.org/security-5.html", + "refsource": "MISC", + "name": "http://tomcat.apache.org/security-5.html" }, { - "name": "29242", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/29242" + "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E", + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E" }, { - "name": "20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)", - "refsource": "BUGTRAQ", - "url": "http://www.securityfocus.com/archive/1/500412/100/0/threaded" + "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E", + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E" }, { - "name": "SUSE-SR:2008:005", - "refsource": "SUSE", - "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" + "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E", + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E" }, { - "name": "33668", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/33668" + "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html", + "refsource": "MISC", + "name": "http://www.redhat.com/support/errata/RHSA-2008-0261.html" }, { - "name": "20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities", - "refsource": "BUGTRAQ", - "url": "http://www.securityfocus.com/archive/1/500396/100/0/threaded" + "url": "https://access.redhat.com/errata/RHSA-2008:0261", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2008:0261" }, { - "name": "25531", - "refsource": "BID", - "url": "http://www.securityfocus.com/bid/25531" + "url": "https://access.redhat.com/errata/RHSA-2008:0524", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2008:0524" }, { - "name": "ADV-2007-1729", - "refsource": "VUPEN", - "url": "http://www.vupen.com/english/advisories/2007/1729" + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html", + "refsource": "MISC", + "name": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { - "name": "ADV-2009-0233", - "refsource": "VUPEN", - "url": "http://www.vupen.com/english/advisories/2009/0233" + "url": "http://secunia.com/advisories/29242", + "refsource": "MISC", + "name": "http://secunia.com/advisories/29242" }, { - "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm", - "refsource": "CONFIRM", - "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm" + "url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx", + "refsource": "MISC", + "name": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx" }, { - "name": "20070904 Apache tomcat calendar example cross site scripting and cross site request forgery vulnerability", - "refsource": "BUGTRAQ", - "url": "http://www.securityfocus.com/archive/1/478491/100/0/threaded" + "url": "http://secunia.com/advisories/33668", + "refsource": "MISC", + "name": "http://secunia.com/advisories/33668" }, { - "name": "http://tomcat.apache.org/security-5.html", - "refsource": "CONFIRM", - "url": "http://tomcat.apache.org/security-5.html" + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm", + "refsource": "MISC", + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm" }, { - "name": "RHSA-2008:0261", - "refsource": "REDHAT", - "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html" + "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540", + "refsource": "MISC", + "name": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540" }, { - "name": "20070905 Re: Apache tomcat calendar example cross site scripting and cross site request forgery vulnerability", - "refsource": "BUGTRAQ", - "url": "http://www.securityfocus.com/archive/1/478609/100/0/threaded" + "url": "http://www.securityfocus.com/archive/1/500396/100/0/threaded", + "refsource": "MISC", + "name": "http://www.securityfocus.com/archive/1/500396/100/0/threaded" }, { - "name": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx", - "refsource": "CONFIRM", - "url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx" + "url": "http://www.securityfocus.com/archive/1/500412/100/0/threaded", + "refsource": "MISC", + "name": "http://www.securityfocus.com/archive/1/500412/100/0/threaded" }, { - "name": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540", - "refsource": "CONFIRM", - "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540" + "url": "http://www.vupen.com/english/advisories/2007/1729", + "refsource": "MISC", + "name": "http://www.vupen.com/english/advisories/2007/1729" }, { - "refsource": "MLIST", - "name": "[tomcat-dev] 20190319 svn commit: r1855831 [21/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", - "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E" + "url": "http://www.vupen.com/english/advisories/2009/0233", + "refsource": "MISC", + "name": "http://www.vupen.com/english/advisories/2009/0233" }, { - "refsource": "MLIST", - "name": "[tomcat-dev] 20190325 svn commit: r1856174 [19/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", - "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E" + "url": "https://access.redhat.com/errata/RHSA-2007:0326", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2007:0326" }, { - "refsource": "MLIST", - "name": "[tomcat-dev] 20200213 svn commit: r1873980 [24/34] - /tomcat/site/trunk/docs/", - "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E" + "url": "https://access.redhat.com/errata/RHSA-2007:0340", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2007:0340" + }, + { + "url": "http://osvdb.org/34888", + "refsource": "MISC", + "name": "http://osvdb.org/34888" + }, + { + "url": "http://www.securityfocus.com/archive/1/478491/100/0/threaded", + "refsource": "MISC", + "name": "http://www.securityfocus.com/archive/1/478491/100/0/threaded" + }, + { + "url": "http://www.securityfocus.com/archive/1/478609/100/0/threaded", + "refsource": "MISC", + "name": "http://www.securityfocus.com/archive/1/478609/100/0/threaded" + }, + { + "url": "http://www.securityfocus.com/bid/25531", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/25531" + }, + { + "url": "https://access.redhat.com/security/cve/CVE-2006-7196", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2006-7196" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=238131", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=238131" } ] } diff --git a/2006/7xxx/CVE-2006-7227.json b/2006/7xxx/CVE-2006-7227.json index d0af9dbcd70..e6a44dd0294 100644 --- a/2006/7xxx/CVE-2006-7227.json +++ b/2006/7xxx/CVE-2006-7227.json @@ -1,40 +1,17 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2006-7227", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 allows context-dependent attackers to execute arbitrary code via a regular expression containing a large number of named subpatterns (name_count) or long subpattern names (max_name_size), which triggers a buffer overflow. NOTE: this issue was originally subsumed by CVE-2006-7224, but that CVE has been REJECTED and split." + "value": "CVE-2006-7227 pcre integer overflow" } ] }, @@ -44,153 +21,204 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "Integer Overflow or Wraparound", + "cweId": "CWE-190" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "Red Hat Enterprise Linux 4", + "version": { + "version_data": [ + { + "version_value": "0:4.5-4.el4_5.4", + "version_affected": "!" + } + ] + } + }, + { + "product_name": "Red Hat Enterprise Linux 5", + "version": { + "version_data": [ + { + "version_value": "0:6.6-2.el5_1.1", + "version_affected": "!" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "30219", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/30219" - }, - { - "name": "GLSA-200711-30", - "refsource": "GENTOO", - "url": "http://security.gentoo.org/glsa/glsa-200711-30.xml" - }, - { - "name": "oval:org.mitre.oval:def:10408", - "refsource": "OVAL", - "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10408" - }, - { - "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-493.htm", - "refsource": "CONFIRM", - "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-493.htm" - }, - { - "name": "MDVSA-2008:030", - "refsource": "MANDRIVA", - "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:030" - }, - { - "name": "DSA-1570", - "refsource": "DEBIAN", - "url": "http://www.debian.org/security/2008/dsa-1570" - }, - { - "name": "SUSE-SA:2008:004", - "refsource": "SUSE", - "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html" - }, - { - "name": "28658", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/28658" - }, - { - "name": "27773", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/27773" - }, - { - "name": "28406", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/28406" - }, - { - "name": "26462", - "refsource": "BID", - "url": "http://www.securityfocus.com/bid/26462" - }, - { - "name": "GLSA-200805-11", - "refsource": "GENTOO", - "url": "http://security.gentoo.org/glsa/glsa-200805-11.xml" - }, - { - "name": "RHSA-2007:1052", - "refsource": "REDHAT", - "url": "http://www.redhat.com/support/errata/RHSA-2007-1052.html" - }, - { - "name": "27741", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/27741" - }, - { - "name": "SUSE-SA:2007:062", - "refsource": "SUSE", - "url": "http://www.novell.com/linux/security/advisories/2007_62_pcre.html" - }, - { - "name": "http://www.pcre.org/changelog.txt", - "refsource": "CONFIRM", - "url": "http://www.pcre.org/changelog.txt" - }, - { - "name": "30155", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/30155" - }, - { - "name": "27869", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/27869" - }, - { - "name": "28720", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/28720" - }, - { - "name": "GLSA-200801-02", - "refsource": "GENTOO", - "url": "http://security.gentoo.org/glsa/glsa-200801-02.xml" - }, - { - "name": "27582", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/27582" - }, - { - "name": "http://bugs.gentoo.org/show_bug.cgi?id=198976", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html", "refsource": "MISC", - "url": "http://bugs.gentoo.org/show_bug.cgi?id=198976" + "name": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html" }, { - "name": "http://scary.beasts.org/security/CESA-2007-006.html", + "url": "http://scary.beasts.org/security/CESA-2007-006.html", "refsource": "MISC", - "url": "http://scary.beasts.org/security/CESA-2007-006.html" + "name": "http://scary.beasts.org/security/CESA-2007-006.html" }, { - "name": "GLSA-200801-19", - "refsource": "GENTOO", - "url": "http://security.gentoo.org/glsa/glsa-200801-19.xml" + "url": "http://secunia.com/advisories/27582", + "refsource": "MISC", + "name": "http://secunia.com/advisories/27582" }, { - "name": "GLSA-200801-18", - "refsource": "GENTOO", - "url": "http://security.gentoo.org/glsa/glsa-200801-18.xml" + "url": "http://secunia.com/advisories/27773", + "refsource": "MISC", + "name": "http://secunia.com/advisories/27773" }, { - "name": "28414", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/28414" + "url": "http://secunia.com/advisories/27869", + "refsource": "MISC", + "name": "http://secunia.com/advisories/27869" }, { - "name": "30106", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/30106" + "url": "http://secunia.com/advisories/28658", + "refsource": "MISC", + "name": "http://secunia.com/advisories/28658" }, { - "name": "28714", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/28714" + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-493.htm", + "refsource": "MISC", + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-493.htm" + }, + { + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:030", + "refsource": "MISC", + "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:030" + }, + { + "url": "http://www.novell.com/linux/security/advisories/2007_62_pcre.html", + "refsource": "MISC", + "name": "http://www.novell.com/linux/security/advisories/2007_62_pcre.html" + }, + { + "url": "http://www.pcre.org/changelog.txt", + "refsource": "MISC", + "name": "http://www.pcre.org/changelog.txt" + }, + { + "url": "http://www.redhat.com/support/errata/RHSA-2007-1052.html", + "refsource": "MISC", + "name": "http://www.redhat.com/support/errata/RHSA-2007-1052.html" + }, + { + "url": "http://www.securityfocus.com/bid/26462", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/26462" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2007:1052", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2007:1052" + }, + { + "url": "http://bugs.gentoo.org/show_bug.cgi?id=198976", + "refsource": "MISC", + "name": "http://bugs.gentoo.org/show_bug.cgi?id=198976" + }, + { + "url": "http://secunia.com/advisories/27741", + "refsource": "MISC", + "name": "http://secunia.com/advisories/27741" + }, + { + "url": "http://secunia.com/advisories/28406", + "refsource": "MISC", + "name": "http://secunia.com/advisories/28406" + }, + { + "url": "http://secunia.com/advisories/28414", + "refsource": "MISC", + "name": "http://secunia.com/advisories/28414" + }, + { + "url": "http://secunia.com/advisories/28714", + "refsource": "MISC", + "name": "http://secunia.com/advisories/28714" + }, + { + "url": "http://secunia.com/advisories/28720", + "refsource": "MISC", + "name": "http://secunia.com/advisories/28720" + }, + { + "url": "http://secunia.com/advisories/30106", + "refsource": "MISC", + "name": "http://secunia.com/advisories/30106" + }, + { + "url": "http://secunia.com/advisories/30155", + "refsource": "MISC", + "name": "http://secunia.com/advisories/30155" + }, + { + "url": "http://secunia.com/advisories/30219", + "refsource": "MISC", + "name": "http://secunia.com/advisories/30219" + }, + { + "url": "http://security.gentoo.org/glsa/glsa-200711-30.xml", + "refsource": "MISC", + "name": "http://security.gentoo.org/glsa/glsa-200711-30.xml" + }, + { + "url": "http://security.gentoo.org/glsa/glsa-200801-02.xml", + "refsource": "MISC", + "name": "http://security.gentoo.org/glsa/glsa-200801-02.xml" + }, + { + "url": "http://security.gentoo.org/glsa/glsa-200801-18.xml", + "refsource": "MISC", + "name": "http://security.gentoo.org/glsa/glsa-200801-18.xml" + }, + { + "url": "http://security.gentoo.org/glsa/glsa-200801-19.xml", + "refsource": "MISC", + "name": "http://security.gentoo.org/glsa/glsa-200801-19.xml" + }, + { + "url": "http://security.gentoo.org/glsa/glsa-200805-11.xml", + "refsource": "MISC", + "name": "http://security.gentoo.org/glsa/glsa-200805-11.xml" + }, + { + "url": "http://www.debian.org/security/2008/dsa-1570", + "refsource": "MISC", + "name": "http://www.debian.org/security/2008/dsa-1570" + }, + { + "url": "https://access.redhat.com/security/cve/CVE-2006-7227", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2006-7227" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=383341", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=383341" + }, + { + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10408", + "refsource": "MISC", + "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10408" } ] } diff --git a/2008/2xxx/CVE-2008-2939.json b/2008/2xxx/CVE-2008-2939.json index 82097cd2b1b..9da1347350a 100644 --- a/2008/2xxx/CVE-2008-2939.json +++ b/2008/2xxx/CVE-2008-2939.json @@ -1,40 +1,17 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2008-2939", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI." + "value": "CVE-2008-2939 httpd: mod_proxy_ftp globbing XSS" } ] }, @@ -44,333 +21,478 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "Red Hat Certificate System 7.3", + "version": { + "version_data": [ + { + "version_value": "0:1.6.5-1jpp_1rh", + "version_affected": "!" + }, + { + "version_value": "0:1.2-2jpp_4rh", + "version_affected": "!" + }, + { + "version_value": "0:1.2.1-1jpp_3rh", + "version_affected": "!" + }, + { + "version_value": "0:1.0-2jpp_6rh", + "version_affected": "!" + }, + { + "version_value": "0:1.1.1-2jpp_8rh", + "version_affected": "!" + }, + { + "version_value": "0:1.0-0.M4.1jpp_10rh", + "version_affected": "!" + }, + { + "version_value": "0:2.0-3jpp_2rh", + "version_affected": "!" + }, + { + "version_value": "0:1.2.12-1jpp_1rh", + "version_affected": "!" + }, + { + "version_value": "1:3.0.1-1jpp_4rh", + "version_affected": "!" + }, + { + "version_value": "0:1.3.3-3.el4", + "version_affected": "!" + }, + { + "version_value": "0:7.3.0-20.el4", + "version_affected": "!" + }, + { + "version_value": "0:7.3.0-10.el4", + "version_affected": "!" + }, + { + "version_value": "0:7.3.0-14.el4", + "version_affected": "!" + }, + { + "version_value": "0:7.3.0-19.el4", + "version_affected": "!" + }, + { + "version_value": "0:7.3.0-6.el4", + "version_affected": "!" + }, + { + "version_value": "0:7.3.0-13.el4", + "version_affected": "!" + }, + { + "version_value": "0:5.5.23-0jpp_4rh.16", + "version_affected": "!" + }, + { + "version_value": "0:2.7.1-1jpp_1rh", + "version_affected": "!" + }, + { + "version_value": "0:1.3.02-2jpp_1rh", + "version_affected": "!" + } + ] + } + }, + { + "product_name": "Red Hat Enterprise Linux 3", + "version": { + "version_data": [ + { + "version_value": "0:2.0.46-71.ent", + "version_affected": "!" + } + ] + } + }, + { + "product_name": "Red Hat Enterprise Linux 4", + "version": { + "version_data": [ + { + "version_value": "0:2.0.52-41.ent.2", + "version_affected": "!" + } + ] + } + }, + { + "product_name": "Red Hat Enterprise Linux 5", + "version": { + "version_data": [ + { + "version_value": "0:2.2.3-11.el5_2.4", + "version_affected": "!" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "http://svn.apache.org/viewvc?view=rev&revision=682868", - "refsource": "CONFIRM", - "url": "http://svn.apache.org/viewvc?view=rev&revision=682868" - }, - { - "name": "34219", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/34219" - }, - { - "name": "HPSBUX02465", - "refsource": "HP", - "url": "http://marc.info/?l=bugtraq&m=125631037611762&w=2" - }, - { - "name": "http://support.apple.com/kb/HT3549", - "refsource": "CONFIRM", - "url": "http://support.apple.com/kb/HT3549" - }, - { - "name": "SUSE-SR:2008:024", - "refsource": "SUSE", - "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html" - }, - { - "name": "247666", - "refsource": "SUNALERT", - "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1" - }, - { - "name": "32838", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/32838" - }, - { - "name": "20081122 rPSA-2008-0328-1 httpd mod_ssl", - "refsource": "BUGTRAQ", - "url": "http://www.securityfocus.com/archive/1/498567/100/0/threaded" - }, - { - "name": "http://www.rapid7.com/advisories/R7-0033", + "url": "https://access.redhat.com/errata/RHSA-2010:0602", "refsource": "MISC", - "url": "http://www.rapid7.com/advisories/R7-0033" + "name": "https://access.redhat.com/errata/RHSA-2010:0602" }, { - "name": "35074", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/35074" + "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E", + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E" }, { - "name": "RHSA-2008:0967", - "refsource": "REDHAT", - "url": "http://rhn.redhat.com/errata/RHSA-2008-0967.html" + "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E", + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E" }, { - "name": "SSRT090192", - "refsource": "HP", - "url": "http://marc.info/?l=bugtraq&m=125631037611762&w=2" + "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E", + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E" }, { - "name": "30560", - "refsource": "BID", - "url": "http://www.securityfocus.com/bid/30560" + "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E", + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E" }, { - "name": "32685", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/32685" + "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E", + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E" }, { - "name": "APPLE-SA-2009-05-12", - "refsource": "APPLE", - "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" + "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E", + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E" }, { - "name": "USN-731-1", - "refsource": "UBUNTU", - "url": "http://www.ubuntu.com/usn/USN-731-1" + "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E", + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E" }, { - "name": "31673", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/31673" + "url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E", + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E" }, { - "name": "ADV-2009-0320", - "refsource": "VUPEN", - "url": "http://www.vupen.com/english/advisories/2009/0320" + "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E", + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E" }, { - "name": "20080806 Apache HTTP Server mod_proxy_ftp Wildcard Characters Cross-Site Scripting", - "refsource": "BUGTRAQ", - "url": "http://www.securityfocus.com/archive/1/495180/100/0/threaded" + "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E", + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E" }, { - "name": "PK70197", - "refsource": "AIXAPAR", - "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK70197" + "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E", + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E" }, { - "name": "RHSA-2008:0966", - "refsource": "REDHAT", - "url": "http://www.redhat.com/support/errata/RHSA-2008-0966.html" + "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E", + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E" }, { - "name": "33156", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/33156" + "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { - "name": "33797", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/33797" + "url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E", + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E" }, { - "name": "oval:org.mitre.oval:def:11316", - "refsource": "OVAL", - "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11316" + "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E", + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E" }, { - "name": "ADV-2008-2461", - "refsource": "VUPEN", - "url": "http://www.vupen.com/english/advisories/2008/2461" + "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { - "name": "MDVSA-2008:194", - "refsource": "MANDRIVA", - "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:194" + "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E", + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E" }, { - "name": "PK70937", - "refsource": "AIXAPAR", - "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK70937" + "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", + "refsource": "MISC", + "name": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { - "name": "31384", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/31384" + "url": "http://secunia.com/advisories/35074", + "refsource": "MISC", + "name": "http://secunia.com/advisories/35074" }, { - "name": "TA09-133A", - "refsource": "CERT", - "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" + "url": "http://support.apple.com/kb/HT3549", + "refsource": "MISC", + "name": "http://support.apple.com/kb/HT3549" }, { - "name": "1020635", - "refsource": "SECTRACK", - "url": "http://www.securitytracker.com/id?1020635" + "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", + "refsource": "MISC", + "name": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { - "name": "ADV-2009-1297", - "refsource": "VUPEN", - "url": "http://www.vupen.com/english/advisories/2009/1297" + "url": "http://www.vupen.com/english/advisories/2009/1297", + "refsource": "MISC", + "name": "http://www.vupen.com/english/advisories/2009/1297" }, { - "name": "http://svn.apache.org/viewvc?view=rev&revision=682871", - "refsource": "CONFIRM", - "url": "http://svn.apache.org/viewvc?view=rev&revision=682871" + "url": "http://marc.info/?l=bugtraq&m=123376588623823&w=2", + "refsource": "MISC", + "name": "http://marc.info/?l=bugtraq&m=123376588623823&w=2" }, { - "name": "MDVSA-2009:124", - "refsource": "MANDRIVA", - "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:124" + "url": "http://secunia.com/advisories/33797", + "refsource": "MISC", + "name": "http://secunia.com/advisories/33797" }, { - "name": "HPSBUX02401", - "refsource": "HP", - "url": "http://marc.info/?l=bugtraq&m=123376588623823&w=2" + "url": "http://www.vupen.com/english/advisories/2009/0320", + "refsource": "MISC", + "name": "http://www.vupen.com/english/advisories/2009/0320" }, { - "name": "http://wiki.rpath.com/Advisories:rPSA-2008-0327", - "refsource": "CONFIRM", - "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0327" + "url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E", + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E" }, { - "name": "VU#663763", - "refsource": "CERT-VN", - "url": "http://www.kb.cert.org/vuls/id/663763" + "url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E", + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E" }, { - "name": "apache-modproxyftp-xss(44223)", - "refsource": "XF", - "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44223" + "url": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E", + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E" }, { - "name": "MDVSA-2008:195", - "refsource": "MANDRIVA", - "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:195" + "url": "http://marc.info/?l=bugtraq&m=125631037611762&w=2", + "refsource": "MISC", + "name": "http://marc.info/?l=bugtraq&m=125631037611762&w=2" }, { - "name": "20081122 rPSA-2008-0327-1 httpd mod_ssl", - "refsource": "BUGTRAQ", - "url": "http://www.securityfocus.com/archive/1/498566/100/0/threaded" + "url": "http://rhn.redhat.com/errata/RHSA-2008-0967.html", + "refsource": "MISC", + "name": "http://rhn.redhat.com/errata/RHSA-2008-0967.html" }, { - "name": "oval:org.mitre.oval:def:7716", - "refsource": "OVAL", - "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7716" + "url": "http://secunia.com/advisories/32685", + "refsource": "MISC", + "name": "http://secunia.com/advisories/32685" }, { - "name": "ADV-2008-2315", - "refsource": "VUPEN", - "url": "http://www.vupen.com/english/advisories/2008/2315" + "url": "http://secunia.com/advisories/32838", + "refsource": "MISC", + "name": "http://secunia.com/advisories/32838" }, { - "name": "SSRT090005", - "refsource": "HP", - "url": "http://marc.info/?l=bugtraq&m=123376588623823&w=2" + "url": "http://secunia.com/advisories/33156", + "refsource": "MISC", + "name": "http://secunia.com/advisories/33156" }, { - "name": "http://svn.apache.org/viewvc?view=rev&revision=682870", - "refsource": "CONFIRM", - "url": "http://svn.apache.org/viewvc?view=rev&revision=682870" + "url": "http://secunia.com/advisories/34219", + "refsource": "MISC", + "name": "http://secunia.com/advisories/34219" }, { - "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328", - "refsource": "CONFIRM", - "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328" + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1", + "refsource": "MISC", + "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1" }, { - "refsource": "MLIST", - "name": "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", - "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E" + "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328", + "refsource": "MISC", + "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328" }, { - "refsource": "MLIST", - "name": "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", - "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E" + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:195", + "refsource": "MISC", + "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:195" }, { - "refsource": "MLIST", - "name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", - "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E" + "url": "http://www.redhat.com/support/errata/RHSA-2008-0966.html", + "refsource": "MISC", + "name": "http://www.redhat.com/support/errata/RHSA-2008-0966.html" }, { - "refsource": "MLIST", - "name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", - "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E" + "url": "http://www.securityfocus.com/archive/1/498567/100/0/threaded", + "refsource": "MISC", + "name": "http://www.securityfocus.com/archive/1/498567/100/0/threaded" }, { - "refsource": "MLIST", - "name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", - "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E" + "url": "http://www.ubuntu.com/usn/USN-731-1", + "refsource": "MISC", + "name": "http://www.ubuntu.com/usn/USN-731-1" }, { - "refsource": "MLIST", - "name": "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", - "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E" + "url": "https://access.redhat.com/errata/RHSA-2008:0966", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2008:0966" }, { - "refsource": "MLIST", - "name": "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", - "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E" + "url": "https://access.redhat.com/errata/RHSA-2008:0967", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2008:0967" }, { - "refsource": "MLIST", - "name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", - "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E" + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html", + "refsource": "MISC", + "name": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html" }, { - "refsource": "MLIST", - "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", - "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E" + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:124", + "refsource": "MISC", + "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:124" }, { - "refsource": "MLIST", - "name": "[httpd-cvs] 20210330 svn commit: r1888194 [5/13] - /httpd/site/trunk/content/security/json/", - "url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3Ccvs.httpd.apache.org%3E" + "url": "http://secunia.com/advisories/31384", + "refsource": "MISC", + "name": "http://secunia.com/advisories/31384" }, { - "refsource": "MLIST", - "name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", - "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E" + "url": "http://secunia.com/advisories/31673", + "refsource": "MISC", + "name": "http://secunia.com/advisories/31673" }, { - "refsource": "MLIST", - "name": "[httpd-cvs] 20210330 svn commit: r1073139 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", - "url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3Ccvs.httpd.apache.org%3E" + "url": "http://svn.apache.org/viewvc?view=rev&revision=682868", + "refsource": "MISC", + "name": "http://svn.apache.org/viewvc?view=rev&revision=682868" }, { - "refsource": "MLIST", - "name": "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", - "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E" + "url": "http://svn.apache.org/viewvc?view=rev&revision=682870", + "refsource": "MISC", + "name": "http://svn.apache.org/viewvc?view=rev&revision=682870" }, { - "refsource": "MLIST", - "name": "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/", - "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E" + "url": "http://svn.apache.org/viewvc?view=rev&revision=682871", + "refsource": "MISC", + "name": "http://svn.apache.org/viewvc?view=rev&revision=682871" }, { - "refsource": "MLIST", - "name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html", - "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E" + "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0327", + "refsource": "MISC", + "name": "http://wiki.rpath.com/Advisories:rPSA-2008-0327" }, { - "refsource": "MLIST", - "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", - "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E" + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK70197", + "refsource": "MISC", + "name": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK70197" }, { - "refsource": "MLIST", - "name": "[httpd-cvs] 20210330 svn commit: r1073149 [6/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", - "url": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8@%3Ccvs.httpd.apache.org%3E" + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK70937", + "refsource": "MISC", + "name": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK70937" }, { - "refsource": "MLIST", - "name": "[httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", - "url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E" + "url": "http://www.kb.cert.org/vuls/id/663763", + "refsource": "MISC", + "name": "http://www.kb.cert.org/vuls/id/663763" }, { - "refsource": "MLIST", - "name": "[httpd-cvs] 20210606 svn commit: r1075467 [1/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", - "url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E" + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:194", + "refsource": "MISC", + "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:194" }, { - "refsource": "MLIST", - "name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", - "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E" + "url": "http://www.rapid7.com/advisories/R7-0033", + "refsource": "MISC", + "name": "http://www.rapid7.com/advisories/R7-0033" + }, + { + "url": "http://www.securityfocus.com/archive/1/495180/100/0/threaded", + "refsource": "MISC", + "name": "http://www.securityfocus.com/archive/1/495180/100/0/threaded" + }, + { + "url": "http://www.securityfocus.com/archive/1/498566/100/0/threaded", + "refsource": "MISC", + "name": "http://www.securityfocus.com/archive/1/498566/100/0/threaded" + }, + { + "url": "http://www.securityfocus.com/bid/30560", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/30560" + }, + { + "url": "http://www.securitytracker.com/id?1020635", + "refsource": "MISC", + "name": "http://www.securitytracker.com/id?1020635" + }, + { + "url": "http://www.vupen.com/english/advisories/2008/2315", + "refsource": "MISC", + "name": "http://www.vupen.com/english/advisories/2008/2315" + }, + { + "url": "http://www.vupen.com/english/advisories/2008/2461", + "refsource": "MISC", + "name": "http://www.vupen.com/english/advisories/2008/2461" + }, + { + "url": "https://access.redhat.com/security/cve/CVE-2008-2939", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2008-2939" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=458250", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=458250" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44223", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44223" + }, + { + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11316", + "refsource": "MISC", + "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11316" + }, + { + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7716", + "refsource": "MISC", + "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7716" } ] } diff --git a/2023/23xxx/CVE-2023-23110.json b/2023/23xxx/CVE-2023-23110.json index 9a60fecb13b..245bfe54088 100644 --- a/2023/23xxx/CVE-2023-23110.json +++ b/2023/23xxx/CVE-2023-23110.json @@ -61,6 +61,46 @@ "url": "https://hackmd.io/@slASVrz_SrW7NQCsunofeA/SJCGkb-9o", "refsource": "MISC", "name": "https://hackmd.io/@slASVrz_SrW7NQCsunofeA/SJCGkb-9o" + }, + { + "refsource": "MISC", + "name": "https://hackmd.io/@slASVrz_SrW7NQCsunofeA/r1Z4BX-5i", + "url": "https://hackmd.io/@slASVrz_SrW7NQCsunofeA/r1Z4BX-5i" + }, + { + "refsource": "MISC", + "name": "https://hackmd.io/@slASVrz_SrW7NQCsunofeA/H1lIcXbco", + "url": "https://hackmd.io/@slASVrz_SrW7NQCsunofeA/H1lIcXbco" + }, + { + "refsource": "MISC", + "name": "https://hackmd.io/@slASVrz_SrW7NQCsunofeA/ryjVZz-5s", + "url": "https://hackmd.io/@slASVrz_SrW7NQCsunofeA/ryjVZz-5s" + }, + { + "refsource": "MISC", + "name": "https://hackmd.io/@slASVrz_SrW7NQCsunofeA/S1t47Ebqj", + "url": "https://hackmd.io/@slASVrz_SrW7NQCsunofeA/S1t47Ebqj" + }, + { + "refsource": "MISC", + "name": "https://hackmd.io/@slASVrz_SrW7NQCsunofeA/S1BNhbWqi", + "url": "https://hackmd.io/@slASVrz_SrW7NQCsunofeA/S1BNhbWqi" + }, + { + "refsource": "MISC", + "name": "https://hackmd.io/@slASVrz_SrW7NQCsunofeA/HyZRxmb9s", + "url": "https://hackmd.io/@slASVrz_SrW7NQCsunofeA/HyZRxmb9s" + }, + { + "refsource": "MISC", + "name": "https://hackmd.io/@slASVrz_SrW7NQCsunofeA/BkBPIeGco", + "url": "https://hackmd.io/@slASVrz_SrW7NQCsunofeA/BkBPIeGco" + }, + { + "refsource": "MISC", + "name": "https://hackmd.io/@slASVrz_SrW7NQCsunofeA/S1qWglM5o", + "url": "https://hackmd.io/@slASVrz_SrW7NQCsunofeA/S1qWglM5o" } ] }