admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:01:56 +00:00
parent 3677c49746
commit e53a88d9b6
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
50 changed files with 4208 additions and 4208 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
2006/0xxx/CVE-2006-0304.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0304",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0304",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in Dual DHCP DNS Server 1.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via the DHCP options field."
"lang": "eng",
"value": "Buffer overflow in Dual DHCP DNS Server 1.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via the DHCP options field."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://aluigi.altervista.org/adv/dualsbof-adv.txt",
"refsource" : "MISC",
"url" : "http://aluigi.altervista.org/adv/dualsbof-adv.txt"
"name": "1015495",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015495"
},
{
"name" : "16298",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16298"
"name": "http://aluigi.altervista.org/adv/dualsbof-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/dualsbof-adv.txt"
},
{
"name" : "ADV-2006-0245",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0245"
"name": "16298",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16298"
},
{
"name" : "1015495",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015495"
"name": "ADV-2006-0245",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0245"
},
{
"name" : "18486",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18486"
"name": "dualdhcpdns-options-field-bo(24191)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24191"
},
{
"name" : "dualdhcpdns-options-field-bo(24191)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24191"
"name": "18486",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18486"
}
]
}

98
2006/1xxx/CVE-2006-1138.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1138",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1138",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the web server code in Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allows remote attackers to cause a denial of service (memory corruption) via unknown vectors."
"lang": "eng",
"value": "Unspecified vulnerability in the web server code in Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allows remote attackers to cause a denial of service (memory corruption) via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_002.pdf",
"refsource" : "CONFIRM",
"url" : "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_002.pdf"
"name": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_002.pdf",
"refsource": "CONFIRM",
"url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_002.pdf"
},
{
"name" : "17014",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17014"
"name": "ADV-2006-0857",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0857"
},
{
"name" : "ADV-2006-0857",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0857"
"name": "19146",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19146"
},
{
"name" : "23727",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/23727"
"name": "xerox-web-corruption-dos(25175)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25175"
},
{
"name" : "1015738",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015738"
"name": "23727",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23727"
},
{
"name" : "19146",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19146"
"name": "17014",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17014"
},
{
"name" : "xerox-web-corruption-dos(25175)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25175"
"name": "1015738",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015738"
}
]
}

86
2006/1xxx/CVE-2006-1408.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1408",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1408",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Vavoom 1.19.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via (1) a packet with no data or (2) a large packet, which prevents Vavoom from discarding the packet from the socket."
"lang": "eng",
"value": "Vavoom 1.19.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via (1) a packet with no data or (2) a large packet, which prevents Vavoom from discarding the packet from the socket."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://aluigi.altervista.org/adv/vaboom-adv.txt",
"refsource" : "MISC",
"url" : "http://aluigi.altervista.org/adv/vaboom-adv.txt"
"name": "ADV-2006-1104",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1104"
},
{
"name" : "17261",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17261"
"name": "19388",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19388"
},
{
"name" : "ADV-2006-1104",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1104"
"name": "http://aluigi.altervista.org/adv/vaboom-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/vaboom-adv.txt"
},
{
"name" : "19388",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19388"
"name": "17261",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17261"
},
{
"name" : "vavoom-fionread-dos(25454)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25454"
"name": "vavoom-fionread-dos(25454)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25454"
}
]
}

170
2006/1xxx/CVE-2006-1863.json
View File

@ -1,151 +1,151 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1863",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2006-1863",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via \"..\\\\\" sequences, a similar vulnerability to CVE-2006-1864."
"lang": "eng",
"value": "Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via \"..\\\\\" sequences, a similar vulnerability to CVE-2006-1864."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189434",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189434"
"name": "ADV-2006-2554",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2554"
},
{
"name" : "http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=296034f7de8bdf111984ce1630ac598a9c94a253",
"refsource" : "CONFIRM",
"url" : "http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=296034f7de8bdf111984ce1630ac598a9c94a253"
"name": "17742",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17742"
},
{
"name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.11",
"refsource" : "CONFIRM",
"url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.11"
"name": "MDKSA-2006:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:150"
},
{
"name" : "DSA-1103",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1103"
"name": "oval:org.mitre.oval:def:10383",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10383"
},
{
"name" : "MDKSA-2006:150",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:150"
"name": "ADV-2006-1542",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1542"
},
{
"name" : "MDKSA-2006:151",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:151"
"name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189434",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189434"
},
{
"name" : "RHBA-2007-0304",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHBA-2007-0304.html"
"name": "MDKSA-2006:151",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:151"
},
{
"name" : "SUSE-SA:2006:028",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2006-05-31.html"
"name": "21614",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21614"
},
{
"name" : "2006-0024",
"refsource" : "TRUSTIX",
"url" : "http://www.trustix.org/errata/2006/0024"
"name": "SUSE-SA:2006:028",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006-05-31.html"
},
{
"name" : "17742",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17742"
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.11",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.11"
},
{
"name" : "oval:org.mitre.oval:def:10383",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10383"
"name": "DSA-1103",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1103"
},
{
"name" : "ADV-2006-1542",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1542"
"name": "RHBA-2007-0304",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHBA-2007-0304.html"
},
{
"name" : "ADV-2006-2554",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2554"
"name": "2006-0024",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2006/0024"
},
{
"name" : "25068",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/25068"
"name": "http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=296034f7de8bdf111984ce1630ac598a9c94a253",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=296034f7de8bdf111984ce1630ac598a9c94a253"
},
{
"name" : "19868",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19868"
"name": "20398",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20398"
},
{
"name" : "20914",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20914"
"name": "kernel-cifs-directory-traversal(26141)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26141"
},
{
"name" : "21614",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21614"
"name": "19868",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19868"
},
{
"name" : "20398",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20398"
"name": "25068",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25068"
},
{
"name" : "kernel-cifs-directory-traversal(26141)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26141"
"name": "20914",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20914"
}
]
}

110
2006/5xxx/CVE-2006-5229.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5229",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5229",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "OpenSSH portable 4.1 on SUSE Linux, and possibly other platforms and versions, and possibly under limited configurations, allows remote attackers to determine valid usernames via timing discrepancies in which responses take longer for valid usernames than invalid ones, as demonstrated by sshtime. NOTE: as of 20061014, it appears that this issue is dependent on the use of manually-set passwords that causes delays when processing /etc/shadow due to an increased number of rounds."
"lang": "eng",
"value": "OpenSSH portable 4.1 on SUSE Linux, and possibly other platforms and versions, and possibly under limited configurations, allows remote attackers to determine valid usernames via timing discrepancies in which responses take longer for valid usernames than invalid ones, as demonstrated by sshtime. NOTE: as of 20061014, it appears that this issue is dependent on the use of manually-set passwords that causes delays when processing /etc/shadow due to an increased number of rounds."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061009 yet another OpenSSH timing leak?",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/448025/100/0/threaded"
"name": "25979",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25979"
},
{
"name" : "20061009 Re: yet another OpenSSH timing leak?",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/448108/100/0/threaded"
"name": "20061014 Re: yet another OpenSSH timing leak?",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/448702/100/0/threaded"
},
{
"name" : "20061010 Re: yet another OpenSSH timing leak?",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/448156/100/0/threaded"
"name": "20061009 yet another OpenSSH timing leak?",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/448025/100/0/threaded"
},
{
"name" : "20061014 Re: yet another OpenSSH timing leak?",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/448702/100/0/threaded"
"name": "20061010 Re: yet another OpenSSH timing leak?",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/448156/100/0/threaded"
},
{
"name" : "http://www.sybsecurity.com/hack-proventia-1.pdf",
"refsource" : "MISC",
"url" : "http://www.sybsecurity.com/hack-proventia-1.pdf"
"name": "ADV-2007-2545",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2545"
},
{
"name" : "20418",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20418"
"name": "20418",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20418"
},
{
"name" : "ADV-2007-2545",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2545"
"name": "20061009 Re: yet another OpenSSH timing leak?",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/448108/100/0/threaded"
},
{
"name" : "32721",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/32721"
"name": "32721",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/32721"
},
{
"name" : "25979",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25979"
"name": "http://www.sybsecurity.com/hack-proventia-1.pdf",
"refsource": "MISC",
"url": "http://www.sybsecurity.com/hack-proventia-1.pdf"
}
]
}

74
2006/5xxx/CVE-2006-5311.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5311",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5311",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in Buzlas 2006-1 Full allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in Buzlas 2006-1 Full allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061012 Buzlas <= v2006-1 Full Remote File Include Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/448577/100/0/threaded"
"name": "20511",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20511"
},
{
"name" : "20511",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20511"
"name": "20061012 Buzlas <= v2006-1 Full Remote File Include Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/448577/100/0/threaded"
},
{
"name" : "1730",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1730"
"name": "1730",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1730"
}
]
}

74
2006/5xxx/CVE-2006-5434.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5434",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5434",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in p-news.php in P-News 1.16 and 1.17 allows remote attackers to execute arbitrary PHP code via a URL in the pn_lang parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in p-news.php in P-News 1.16 and 1.17 allows remote attackers to execute arbitrary PHP code via a URL in the pn_lang parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "2577",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2577"
"name": "20569",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20569"
},
{
"name" : "20569",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20569"
"name": "pnews-pnews-file-include(29587)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29587"
},
{
"name" : "pnews-pnews-file-include(29587)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29587"
"name": "2577",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2577"
}
]
}

86
2006/5xxx/CVE-2006-5641.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5641",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5641",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in MainAnnounce2.asp in Techno Dreams Announcement allows remote attackers to execute arbitrary SQL commands via the key parameter."
"lang": "eng",
"value": "SQL injection vulnerability in MainAnnounce2.asp in Techno Dreams Announcement allows remote attackers to execute arbitrary SQL commands via the key parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "2683",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2683"
"name": "technodreamsann-main-sql-injection(29870)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29870"
},
{
"name" : "20794",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20794"
"name": "22598",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22598"
},
{
"name" : "ADV-2006-4276",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4276"
"name": "2683",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2683"
},
{
"name" : "22598",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22598"
"name": "ADV-2006-4276",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4276"
},
{
"name" : "technodreamsann-main-sql-injection(29870)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29870"
"name": "20794",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20794"
}
]
}

80
2006/5xxx/CVE-2006-5759.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5759",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5759",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "index.php in Rhadrix If-CMS, possibly 1.01 and 2.07, allows remote attackers to obtain the full path of the web server via empty (1) rns[] or (2) pag[] arguments, which reveals the path in an error message."
"lang": "eng",
"value": "index.php in Rhadrix If-CMS, possibly 1.01 and 2.07, allows remote attackers to obtain the full path of the web server via empty (1) rns[] or (2) pag[] arguments, which reveals the path in an error message."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061104 IF-CMS multiples XSS vunerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/450566/100/0/threaded"
"name": "1825",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1825"
},
{
"name" : "http://s-a-p.ca/index.php?page=OurAdvisories&id=5",
"refsource" : "MISC",
"url" : "http://s-a-p.ca/index.php?page=OurAdvisories&id=5"
"name": "20061104 IF-CMS multiples XSS vunerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/450566/100/0/threaded"
},
{
"name" : "1825",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1825"
"name": "http://s-a-p.ca/index.php?page=OurAdvisories&id=5",
"refsource": "MISC",
"url": "http://s-a-p.ca/index.php?page=OurAdvisories&id=5"
},
{
"name" : "ifcms-index-path-disclosure(30012)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30012"
"name": "ifcms-index-path-disclosure(30012)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30012"
}
]
}

104
2007/2xxx/CVE-2007-2061.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2061",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2061",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in check_login.asp in AfterLogic MailBee WebMail Pro 3.4 allows remote attackers to inject arbitrary web script or HTML via the username parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in check_login.asp in AfterLogic MailBee WebMail Pro 3.4 allows remote attackers to inject arbitrary web script or HTML via the username parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070413 [MajorSecurity Advisory #44]MailBee WebMail Pro - Cross Site Scripting Issue",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/465611/100/0/threaded"
"name": "ADV-2007-1416",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1416"
},
{
"name" : "http://www.majorsecurity.de/index_2.php?major_rls=major_rls44",
"refsource" : "MISC",
"url" : "http://www.majorsecurity.de/index_2.php?major_rls=major_rls44"
"name": "24882",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24882"
},
{
"name" : "23481",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23481"
"name": "mailbee-checklogin-xss(33645)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33645"
},
{
"name" : "ADV-2007-1416",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1416"
"name": "20070413 [MajorSecurity Advisory #44]MailBee WebMail Pro - Cross Site Scripting Issue",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/465611/100/0/threaded"
},
{
"name" : "34974",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/34974"
"name": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls44",
"refsource": "MISC",
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls44"
},
{
"name" : "24882",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24882"
"name": "2572",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2572"
},
{
"name" : "2572",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2572"
"name": "34974",
"refsource": "OSVDB",
"url": "http://osvdb.org/34974"
},
{
"name" : "mailbee-checklogin-xss(33645)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33645"
"name": "23481",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23481"
}
]
}

98
2007/2xxx/CVE-2007-2409.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2409",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2409",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-domain vulnerability in WebCore on Apple Mac OS X 10.3.9 and 10.4.10 allows remote attackers to obtain sensitive information via a popup window, which is able to read the current URL of the parent window."
"lang": "eng",
"value": "Cross-domain vulnerability in WebCore on Apple Mac OS X 10.3.9 and 10.4.10 allows remote attackers to obtain sensitive information via a popup window, which is able to read the current URL of the parent window."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://docs.info.apple.com/article.html?artnum=306172",
"refsource" : "CONFIRM",
"url" : "http://docs.info.apple.com/article.html?artnum=306172"
"name": "ADV-2007-2732",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"name" : "APPLE-SA-2007-07-31",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
"name": "APPLE-SA-2007-07-31",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
},
{
"name" : "25159",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25159"
"name": "1018494",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018494"
},
{
"name" : "ADV-2007-2732",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2732"
"name": "http://docs.info.apple.com/article.html?artnum=306172",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"name" : "1018494",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1018494"
"name": "macos-webcore-information-disclosure(35740)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35740"
},
{
"name" : "26235",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26235"
"name": "25159",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25159"
},
{
"name" : "macos-webcore-information-disclosure(35740)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35740"
"name": "26235",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26235"
}
]
}

104
2007/2xxx/CVE-2007-2440.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2440",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2440",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attackers to read certain files via a .. (dot dot) in a URI containing a \"\\web-inf\" sequence."
"lang": "eng",
"value": "Directory traversal vulnerability in Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attackers to read certain files via a .. (dot dot) in a URI containing a \"\\web-inf\" sequence."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.rapid7.com/advisories/R7-0029.jsp",
"refsource" : "MISC",
"url" : "http://www.rapid7.com/advisories/R7-0029.jsp"
"name": "1018061",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018061"
},
{
"name" : "http://www.caucho.com/resin-3.1/changes/changes.xtp",
"refsource" : "CONFIRM",
"url" : "http://www.caucho.com/resin-3.1/changes/changes.xtp"
"name": "http://www.rapid7.com/advisories/R7-0029.jsp",
"refsource": "MISC",
"url": "http://www.rapid7.com/advisories/R7-0029.jsp"
},
{
"name" : "23985",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23985"
"name": "resin-webinf-directory-traversal(34296)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34296"
},
{
"name" : "ADV-2007-1824",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1824"
"name": "25286",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25286"
},
{
"name" : "36058",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36058"
"name": "ADV-2007-1824",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1824"
},
{
"name" : "1018061",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018061"
"name": "36058",
"refsource": "OSVDB",
"url": "http://osvdb.org/36058"
},
{
"name" : "25286",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25286"
"name": "23985",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23985"
},
{
"name" : "resin-webinf-directory-traversal(34296)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34296"
"name": "http://www.caucho.com/resin-3.1/changes/changes.xtp",
"refsource": "CONFIRM",
"url": "http://www.caucho.com/resin-3.1/changes/changes.xtp"
}
]
}

92
2007/2xxx/CVE-2007-2475.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2475",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2475",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the ADSCHEMA utility in Novell SecureLogin (NSL) 6 SP1 before 6.0.106 has unknown impact and remote attack vectors, related to granting \"users excess permissions to their own attributes.\""
"lang": "eng",
"value": "Unspecified vulnerability in the ADSCHEMA utility in Novell SecureLogin (NSL) 6 SP1 before 6.0.106 has unknown impact and remote attack vectors, related to granting \"users excess permissions to their own attributes.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5003822.html",
"refsource" : "CONFIRM",
"url" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5003822.html"
"name": "1018006",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018006"
},
{
"name" : "23547",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23547"
"name": "23547",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23547"
},
{
"name" : "ADV-2007-1436",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1436"
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5003822.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5003822.html"
},
{
"name" : "35774",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/35774"
"name": "35774",
"refsource": "OSVDB",
"url": "http://osvdb.org/35774"
},
{
"name" : "1018006",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018006"
"name": "ADV-2007-1436",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1436"
},
{
"name" : "25160",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25160"
"name": "25160",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25160"
}
]
}

434
2007/2xxx/CVE-2007-2756.json
View File

@ -1,371 +1,371 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2756",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2756",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng."
"lang": "eng",
"value": "The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://bugs.libgd.org/?do=details&task_id=86",
"refsource" : "CONFIRM",
"url" : "http://bugs.libgd.org/?do=details&task_id=86"
"name": "26231",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26231"
},
{
"name" : "http://www.php.net/releases/5_2_3.php",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/releases/5_2_3.php"
"name": "36643",
"refsource": "OSVDB",
"url": "http://osvdb.org/36643"
},
{
"name" : "https://issues.rpath.com/browse/RPL-1394",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-1394"
"name": "1018187",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018187"
},
{
"name" : "http://www.libgd.org/ReleaseNote020035",
"refsource" : "CONFIRM",
"url" : "http://www.libgd.org/ReleaseNote020035"
"name": "29157",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29157"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm"
"name": "25658",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25658"
},
{
"name" : "FEDORA-2007-709",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html"
"name": "27110",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27110"
},
{
"name" : "FEDORA-2007-2215",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html"
"name": "25590",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25590"
},
{
"name" : "GLSA-200708-05",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200708-05.xml"
"name": "26048",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26048"
},
{
"name" : "GLSA-200710-02",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
"name": "gd-gdpngreaddata-dos(34420)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34420"
},
{
"name" : "GLSA-200711-34",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200711-34.xml"
"name": "25362",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25362"
},
{
"name" : "GLSA-200805-13",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200805-13.xml"
"name": "OpenPKG-SA-2007.020",
"refsource": "OPENPKG",
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.020.html"
},
{
"name" : "HPSBUX02262",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795"
"name": "25657",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25657"
},
{
"name" : "SSRT071447",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795"
"name": "FEDORA-2007-709",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html"
},
{
"name" : "MDKSA-2007:123",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:123"
"name": "25855",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25855"
},
{
"name" : "MDKSA-2007:124",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:124"
"name": "26967",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26967"
},
{
"name" : "MDKSA-2007:122",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:122"
"name": "MDKSA-2007:122",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:122"
},
{
"name" : "MDKSA-2007:187",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:187"
"name": "ADV-2007-2016",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2016"
},
{
"name" : "OpenPKG-SA-2007.020",
"refsource" : "OPENPKG",
"url" : "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.020.html"
"name": "GLSA-200805-13",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
},
{
"name" : "RHSA-2007:0890",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0890.html"
"name": "GLSA-200710-02",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
},
{
"name" : "RHSA-2007:0889",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2007-0889.html"
"name": "MDKSA-2007:123",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:123"
},
{
"name" : "RHSA-2007:0891",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0891.html"
"name": "24089",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24089"
},
{
"name" : "RHSA-2008:0146",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0146.html"
"name": "http://www.libgd.org/ReleaseNote020035",
"refsource": "CONFIRM",
"url": "http://www.libgd.org/ReleaseNote020035"
},
{
"name" : "SSA:2007-152-01",
"refsource" : "SLACKWARE",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.482863"
"name": "GLSA-200708-05",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200708-05.xml"
},
{
"name" : "SUSE-SR:2007:013",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_13_sr.html"
"name": "30168",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30168"
},
{
"name" : "SUSE-SA:2007:044",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html"
"name": "MDKSA-2007:124",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:124"
},
{
"name" : "2007-0019",
"refsource" : "TRUSTIX",
"url" : "http://www.trustix.org/errata/2007/0019/"
"name": "ADV-2007-1904",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1904"
},
{
"name" : "2007-0023",
"refsource" : "TRUSTIX",
"url" : "http://www.trustix.org/errata/2007/0023/"
"name": "26930",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26930"
},
{
"name" : "USN-473-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-473-1"
"name": "35788",
"refsource": "OSVDB",
"url": "http://osvdb.org/35788"
},
{
"name" : "24089",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24089"
"name": "FEDORA-2007-2215",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html"
},
{
"name" : "36643",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36643"
"name": "ADV-2007-2336",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2336"
},
{
"name" : "35788",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/35788"
"name": "RHSA-2007:0889",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0889.html"
},
{
"name" : "oval:org.mitre.oval:def:10779",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10779"
"name": "2007-0023",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2007/0023/"
},
{
"name" : "ADV-2007-1905",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1905"
"name": "25353",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25353"
},
{
"name" : "ADV-2007-1904",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1904"
"name": "ADV-2007-3386",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3386"
},
{
"name" : "ADV-2007-2016",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2016"
"name": "http://bugs.libgd.org/?do=details&task_id=86",
"refsource": "CONFIRM",
"url": "http://bugs.libgd.org/?do=details&task_id=86"
},
{
"name" : "ADV-2007-2336",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2336"
"name": "2007-0019",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2007/0019/"
},
{
"name" : "ADV-2007-3386",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3386"
"name": "27037",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27037"
},
{
"name" : "1018187",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018187"
"name": "SUSE-SR:2007:013",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_13_sr.html"
},
{
"name" : "25378",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25378"
"name": "25378",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25378"
},
{
"name" : "25362",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25362"
"name": "27545",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27545"
},
{
"name" : "25353",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25353"
"name": "GLSA-200711-34",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
},
{
"name" : "25535",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25535"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm"
},
{
"name" : "25590",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25590"
"name": "SSA:2007-152-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.482863"
},
{
"name" : "25575",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25575"
"name": "25646",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25646"
},
{
"name" : "25646",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25646"
"name": "RHSA-2008:0146",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0146.html"
},
{
"name" : "25658",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25658"
"name": "http://www.php.net/releases/5_2_3.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/releases/5_2_3.php"
},
{
"name" : "25657",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25657"
"name": "SSRT071447",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795"
},
{
"name" : "25855",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25855"
"name": "https://issues.rpath.com/browse/RPL-1394",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1394"
},
{
"name" : "26048",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26048"
"name": "HPSBUX02262",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795"
},
{
"name" : "26231",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26231"
"name": "25535",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25535"
},
{
"name" : "26390",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26390"
"name": "MDKSA-2007:187",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:187"
},
{
"name" : "26930",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26930"
"name": "27102",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27102"
},
{
"name" : "26871",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26871"
"name": "oval:org.mitre.oval:def:10779",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10779"
},
{
"name" : "26895",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26895"
"name": "26895",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26895"
},
{
"name" : "26967",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26967"
"name": "25787",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25787"
},
{
"name" : "27037",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27037"
"name": "25575",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25575"
},
{
"name" : "27110",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27110"
"name": "RHSA-2007:0890",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0890.html"
},
{
"name" : "25787",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25787"
"name": "ADV-2007-1905",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1905"
},
{
"name" : "27545",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27545"
"name": "26390",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26390"
},
{
"name" : "27102",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27102"
"name": "RHSA-2007:0891",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0891.html"
},
{
"name" : "29157",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29157"
"name": "USN-473-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-473-1"
},
{
"name" : "30168",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30168"
"name": "26871",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26871"
},
{
"name" : "gd-gdpngreaddata-dos(34420)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34420"
"name": "SUSE-SA:2007:044",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html"
}
]
}

86
2010/0xxx/CVE-2010-0550.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0550",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0550",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "admin.htm in Geo++ GNCASTER 1.4.0.7 and earlier does not properly enforce HTTP Digest Authentication, which allows remote authenticated users to use HTTP Basic Authentication, bypassing intended server policy."
"lang": "eng",
"value": "admin.htm in Geo++ GNCASTER 1.4.0.7 and earlier does not properly enforce HTTP Digest Authentication, which allows remote authenticated users to use HTTP Basic Authentication, bypassing intended server policy."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20100127 [RT-SA-2010-003] Geo++(R) GNCASTER: Faulty implementation of HTTPDigest Authentication",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/509199/100/0/threaded"
"name": "20100127 [RT-SA-2010-003] Geo++(R) GNCASTER: Faulty implementation of HTTPDigest Authentication",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/509199/100/0/threaded"
},
{
"name" : "http://www.redteam-pentesting.de/en/advisories/rt-sa-2010-003/-geo-r-gncaster-faulty-implementation-of-http-digest-authentication",
"refsource" : "MISC",
"url" : "http://www.redteam-pentesting.de/en/advisories/rt-sa-2010-003/-geo-r-gncaster-faulty-implementation-of-http-digest-authentication"
"name": "gncaster-httpbasic-weak-security(55976)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55976"
},
{
"name" : "62013",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/62013"
"name": "http://www.redteam-pentesting.de/en/advisories/rt-sa-2010-003/-geo-r-gncaster-faulty-implementation-of-http-digest-authentication",
"refsource": "MISC",
"url": "http://www.redteam-pentesting.de/en/advisories/rt-sa-2010-003/-geo-r-gncaster-faulty-implementation-of-http-digest-authentication"
},
{
"name" : "38323",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38323"
"name": "62013",
"refsource": "OSVDB",
"url": "http://osvdb.org/62013"
},
{
"name" : "gncaster-httpbasic-weak-security(55976)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/55976"
"name": "38323",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38323"
}
]
}

164
2010/0xxx/CVE-2010-0828.json
View File

@ -1,146 +1,146 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0828",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2010-0828",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in action/Despam.py in the Despam action module in MoinMoin 1.8.7 and 1.9.2 allows remote authenticated users to inject arbitrary web script or HTML by creating a page with a crafted URI."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in action/Despam.py in the Despam action module in MoinMoin 1.8.7 and 1.9.2 allows remote authenticated users to inject arbitrary web script or HTML by creating a page with a crafted URI."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575995",
"refsource" : "CONFIRM",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575995"
"name": "39267",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39267"
},
{
"name" : "http://hg.moinmo.in/moin/1.9/rev/6e603e5411ca",
"refsource" : "CONFIRM",
"url" : "http://hg.moinmo.in/moin/1.9/rev/6e603e5411ca"
"name": "ADV-2010-0767",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0767"
},
{
"name" : "https://bugs.launchpad.net/ubuntu/+source/moin/+bug/538022",
"refsource" : "CONFIRM",
"url" : "https://bugs.launchpad.net/ubuntu/+source/moin/+bug/538022"
"name": "39110",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39110"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=578801",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=578801"
"name": "moinmoin-despam-xss(57435)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57435"
},
{
"name" : "DSA-2024",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2010/dsa-2024"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=578801",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=578801"
},
{
"name" : "FEDORA-2010-6012",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038490.html"
"name": "https://bugs.launchpad.net/ubuntu/+source/moin/+bug/538022",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/moin/+bug/538022"
},
{
"name" : "FEDORA-2010-6134",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038574.html"
"name": "FEDORA-2010-6134",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038574.html"
},
{
"name" : "FEDORA-2010-6180",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038706.html"
"name": "DSA-2024",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2024"
},
{
"name" : "USN-925-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-925-1"
"name": "ADV-2010-0834",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0834"
},
{
"name" : "39110",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/39110"
"name": "39284",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39284"
},
{
"name" : "39188",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39188"
"name": "FEDORA-2010-6012",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038490.html"
},
{
"name" : "39190",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39190"
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575995",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575995"
},
{
"name" : "39267",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39267"
"name": "39190",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39190"
},
{
"name" : "39284",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39284"
"name": "http://hg.moinmo.in/moin/1.9/rev/6e603e5411ca",
"refsource": "CONFIRM",
"url": "http://hg.moinmo.in/moin/1.9/rev/6e603e5411ca"
},
{
"name" : "ADV-2010-0767",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/0767"
"name": "39188",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39188"
},
{
"name" : "ADV-2010-0831",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/0831"
"name": "ADV-2010-0831",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0831"
},
{
"name" : "ADV-2010-0834",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/0834"
"name": "USN-925-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-925-1"
},
{
"name" : "moinmoin-despam-xss(57435)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/57435"
"name": "FEDORA-2010-6180",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038706.html"
}
]
}

68
2010/0xxx/CVE-2010-0930.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0930",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0930",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Perforce service (p4s.exe) in Perforce Server 2008.1 allows remote attackers to cause a denial of service (infinite loop) via crafted data that includes a byte sequence of 0xdc, 0xff, 0xff, and 0xff immediately before the client protocol version number."
"lang": "eng",
"value": "The Perforce service (p4s.exe) in Perforce Server 2008.1 allows remote attackers to cause a denial of service (infinite loop) via crafted data that includes a byte sequence of 0xdc, 0xff, 0xff, and 0xff immediately before the client protocol version number."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[dailydave] 20100304 Perforce",
"refsource" : "MLIST",
"url" : "http://lists.immunitysec.com/pipermail/dailydave/2010-March/006063.html"
"name": "36261",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36261"
},
{
"name" : "36261",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/36261"
"name": "[dailydave] 20100304 Perforce",
"refsource": "MLIST",
"url": "http://lists.immunitysec.com/pipermail/dailydave/2010-March/006063.html"
}
]
}

80
2010/0xxx/CVE-2010-0958.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0958",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0958",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in modules/hayoo/index.php in Tribisur 2.1, 2.0, and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary files via directory traversal sequences in the theme parameter. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "Directory traversal vulnerability in modules/hayoo/index.php in Tribisur 2.1, 2.0, and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary files via directory traversal sequences in the theme parameter. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://packetstormsecurity.org/1003-exploits/tribisur-lfi.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/1003-exploits/tribisur-lfi.txt"
"name": "http://packetstormsecurity.org/1003-exploits/tribisur-lfi.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1003-exploits/tribisur-lfi.txt"
},
{
"name" : "11655",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/11655"
"name": "28362",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28362"
},
{
"name" : "38596",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38596"
"name": "11655",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/11655"
},
{
"name" : "28362",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28362"
"name": "38596",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38596"
}
]
}

122
2010/1xxx/CVE-2010-1142.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1142",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1142",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly load VMware programs, which might allow Windows guest OS users to gain privileges by placing a Trojan horse program at an unspecified location on the guest OS disk."
"lang": "eng",
"value": "VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly load VMware programs, which might allow Windows guest OS users to gain privileges by placing a Trojan horse program at an unspecified location on the guest OS disk."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name" : "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
"name": "39206",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39206"
},
{
"name" : "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource" : "MLIST",
"url" : "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name" : "http://www.acrossecurity.com/aspr/ASPR-2010-04-12-2-PUB.txt",
"refsource" : "MISC",
"url" : "http://www.acrossecurity.com/aspr/ASPR-2010-04-12-2-PUB.txt"
"name": "39394",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39394"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2010-0007.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"name" : "GLSA-201209-25",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201209-25.xml"
"name": "http://www.acrossecurity.com/aspr/ASPR-2010-04-12-2-PUB.txt",
"refsource": "MISC",
"url": "http://www.acrossecurity.com/aspr/ASPR-2010-04-12-2-PUB.txt"
},
{
"name" : "39394",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/39394"
"name": "1023833",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023833"
},
{
"name" : "1023832",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1023832"
"name": "39198",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39198"
},
{
"name" : "1023833",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1023833"
"name": "1023832",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023832"
},
{
"name" : "39198",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39198"
"name": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name" : "39206",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39206"
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
]
}

146
2010/3xxx/CVE-2010-3170.json
View File

@ -1,131 +1,131 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3170",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3170",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority."
"lang": "eng",
"value": "Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.mozilla.org/security/announce/2010/mfsa2010-70.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2010/mfsa2010-70.html"
"name": "SUSE-SR:2010:020",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=578697",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=578697"
"name": "RHSA-2010:0782",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0782.html"
},
{
"name" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox",
"refsource" : "CONFIRM",
"url" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox"
"name": "MDVSA-2010:210",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:210"
},
{
"name" : "http://support.avaya.com/css/P8/documents/100114250",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/css/P8/documents/100114250"
"name": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox",
"refsource": "CONFIRM",
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox"
},
{
"name" : "http://support.avaya.com/css/P8/documents/100120156",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/css/P8/documents/100120156"
"name": "RHSA-2010:0781",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0781.html"
},
{
"name" : "DSA-2123",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2010/dsa-2123"
"name": "42867",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42867"
},
{
"name" : "MDVSA-2010:210",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:210"
"name": "ADV-2011-0061",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0061"
},
{
"name" : "RHSA-2010:0781",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0781.html"
"name": "USN-1007-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1007-1"
},
{
"name" : "RHSA-2010:0782",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0782.html"
"name": "DSA-2123",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2123"
},
{
"name" : "SUSE-SR:2010:020",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html"
"name": "http://support.avaya.com/css/P8/documents/100114250",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100114250"
},
{
"name" : "USN-1007-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1007-1"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=578697",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=578697"
},
{
"name" : "oval:org.mitre.oval:def:12254",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12254"
"name": "http://support.avaya.com/css/P8/documents/100120156",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100120156"
},
{
"name" : "41839",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41839"
"name": "oval:org.mitre.oval:def:12254",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12254"
},
{
"name" : "42867",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42867"
"name": "http://www.mozilla.org/security/announce/2010/mfsa2010-70.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-70.html"
},
{
"name" : "ADV-2011-0061",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0061"
"name": "41839",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41839"
}
]
}

80
2010/3xxx/CVE-2010-3956.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3956",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2010-3956",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly perform array indexing, which allows local users to gain privileges via a crafted OpenType font, aka \"OpenType Font Index Vulnerability.\""
"lang": "eng",
"value": "The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly perform array indexing, which allows local users to gain privileges via a crafted OpenType font, aka \"OpenType Font Index Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS10-091",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-091"
"name": "TA10-348A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-348A.html"
},
{
"name" : "TA10-348A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-348A.html"
"name": "1024873",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024873"
},
{
"name" : "oval:org.mitre.oval:def:12357",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12357"
"name": "oval:org.mitre.oval:def:12357",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12357"
},
{
"name" : "1024873",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024873"
"name": "MS10-091",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-091"
}
]
}

170
2010/4xxx/CVE-2010-4169.json
View File

@ -1,151 +1,151 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4169",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-4169",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in mm/mprotect.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors involving an mprotect system call."
"lang": "eng",
"value": "Use-after-free vulnerability in mm/mprotect.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors involving an mprotect system call."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20101115 CVE request: kernel: perf bug",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=oss-security&m=128979684911295&w=2"
"name": "SUSE-SA:2011:004",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html"
},
{
"name" : "[oss-security] 20101115 Re: CVE request: kernel: perf bug",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=oss-security&m=128984344103497&w=2"
"name": "42778",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42778"
},
{
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=63bfd7384b119409685a17d5c58f0b56e5dc03da",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=63bfd7384b119409685a17d5c58f0b56e5dc03da"
"name": "44861",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44861"
},
{
"name" : "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc2",
"refsource" : "CONFIRM",
"url" : "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc2"
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc2",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc2"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=651671",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=651671"
"name": "FEDORA-2010-18983",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html"
},
{
"name" : "FEDORA-2010-18983",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html"
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=63bfd7384b119409685a17d5c58f0b56e5dc03da",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=63bfd7384b119409685a17d5c58f0b56e5dc03da"
},
{
"name" : "RHSA-2010:0958",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0958.html"
"name": "SUSE-SA:2011:001",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html"
},
{
"name" : "SUSE-SA:2011:001",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html"
"name": "42932",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42932"
},
{
"name" : "SUSE-SA:2011:004",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html"
"name": "kernel-perfeventmmap-dos(63316)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63316"
},
{
"name" : "SUSE-SA:2011:007",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"
"name": "ADV-2011-0124",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0124"
},
{
"name" : "44861",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/44861"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=651671",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=651671"
},
{
"name" : "42745",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42745"
"name": "SUSE-SA:2011:007",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"
},
{
"name" : "42778",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42778"
"name": "ADV-2010-3321",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3321"
},
{
"name" : "42932",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42932"
"name": "ADV-2011-0298",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0298"
},
{
"name" : "ADV-2010-3321",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/3321"
"name": "RHSA-2010:0958",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0958.html"
},
{
"name" : "ADV-2011-0012",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0012"
"name": "[oss-security] 20101115 Re: CVE request: kernel: perf bug",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=128984344103497&w=2"
},
{
"name" : "ADV-2011-0124",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0124"
"name": "[oss-security] 20101115 CVE request: kernel: perf bug",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=128979684911295&w=2"
},
{
"name" : "ADV-2011-0298",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0298"
"name": "ADV-2011-0012",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0012"
},
{
"name" : "kernel-perfeventmmap-dos(63316)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/63316"
"name": "42745",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42745"
}
]
}

86
2010/4xxx/CVE-2010-4586.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4586",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4586",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The default configuration of Opera before 11.00 enables WebSockets functionality, which has unspecified impact and remote attack vectors, possibly a related issue to CVE-2010-4508."
"lang": "eng",
"value": "The default configuration of Opera before 11.00 enables WebSockets functionality, which has unspecified impact and remote attack vectors, possibly a related issue to CVE-2010-4508."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.opera.com/docs/changelogs/mac/1100/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/mac/1100/"
"name": "42653",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42653"
},
{
"name" : "http://www.opera.com/docs/changelogs/unix/1100/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/unix/1100/"
"name": "http://www.opera.com/docs/changelogs/unix/1100/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/unix/1100/"
},
{
"name" : "http://www.opera.com/docs/changelogs/windows/1100/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/windows/1100/"
"name": "http://www.opera.com/docs/changelogs/windows/1100/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/windows/1100/"
},
{
"name" : "SUSE-SR:2010:024",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
"name": "http://www.opera.com/docs/changelogs/mac/1100/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/mac/1100/"
},
{
"name" : "42653",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42653"
"name": "SUSE-SR:2010:024",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
}
]
}

62
2010/4xxx/CVE-2010-4878.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4878",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4878",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in formmailer.php in Kontakt Formular 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the script_pfad parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in formmailer.php in Kontakt Formular 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the script_pfad parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "14809",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/14809"
"name": "14809",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/14809"
}
]
}

68
2010/5xxx/CVE-2010-5140.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-5140",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5140",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "wxBitcoin and bitcoind before 0.3.13 do not properly handle bitcoins associated with Bitcoin transactions that have zero confirmations, which allows remote attackers to cause a denial of service (invalid-transaction flood) by sending low-valued transactions without transaction fees."
"lang": "eng",
"value": "wxBitcoin and bitcoind before 0.3.13 do not properly handle bitcoins associated with Bitcoin transactions that have zero confirmations, which allows remote attackers to cause a denial of service (invalid-transaction flood) by sending low-valued transactions without transaction fees."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.bitcoin.org/smf/index.php?topic=1306.0",
"refsource" : "CONFIRM",
"url" : "http://www.bitcoin.org/smf/index.php?topic=1306.0"
"name": "https://en.bitcoin.it/wiki/CVEs",
"refsource": "CONFIRM",
"url": "https://en.bitcoin.it/wiki/CVEs"
},
{
"name" : "https://en.bitcoin.it/wiki/CVEs",
"refsource" : "CONFIRM",
"url" : "https://en.bitcoin.it/wiki/CVEs"
"name": "http://www.bitcoin.org/smf/index.php?topic=1306.0",
"refsource": "CONFIRM",
"url": "http://www.bitcoin.org/smf/index.php?topic=1306.0"
}
]
}

110
2014/0xxx/CVE-2014-0514.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0514",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2014-0514",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Adobe Reader Mobile application before 11.2 for Android does not properly restrict use of JavaScript, which allows remote attackers to execute arbitrary code via a crafted PDF document, a related issue to CVE-2012-6636."
"lang": "eng",
"value": "The Adobe Reader Mobile application before 11.2 for Android does not properly restrict use of JavaScript, which allows remote attackers to execute arbitrary code via a crafted PDF document, a related issue to CVE-2012-6636."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20140413 Adobe Reader for Android exposes insecure Javascript interfaces",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/531831/100/0/threaded"
"name": "http://packetstormsecurity.com/files/127113/Adobe-Reader-for-Android-addJavascriptInterface-Exploit.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127113/Adobe-Reader-for-Android-addJavascriptInterface-Exploit.html"
},
{
"name" : "32884",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/32884"
"name": "66798",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66798"
},
{
"name" : "33791",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/33791"
"name": "33791",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/33791"
},
{
"name" : "20140413 Adobe Reader for Android exposes insecure Javascript interfaces",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2014/Apr/192"
"name": "20140413 Adobe Reader for Android exposes insecure Javascript interfaces",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/531831/100/0/threaded"
},
{
"name" : "http://www.securify.nl/advisory/SFY20140401/adobe_reader_for_android_exposes_insecure_javascript_interfaces.html",
"refsource" : "MISC",
"url" : "http://www.securify.nl/advisory/SFY20140401/adobe_reader_for_android_exposes_insecure_javascript_interfaces.html"
"name": "105781",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/105781"
},
{
"name" : "http://packetstormsecurity.com/files/127113/Adobe-Reader-for-Android-addJavascriptInterface-Exploit.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/127113/Adobe-Reader-for-Android-addJavascriptInterface-Exploit.html"
"name": "http://helpx.adobe.com/security/products/reader-mobile/apsb14-12.html",
"refsource": "CONFIRM",
"url": "http://helpx.adobe.com/security/products/reader-mobile/apsb14-12.html"
},
{
"name" : "http://helpx.adobe.com/security/products/reader-mobile/apsb14-12.html",
"refsource" : "CONFIRM",
"url" : "http://helpx.adobe.com/security/products/reader-mobile/apsb14-12.html"
"name": "32884",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/32884"
},
{
"name" : "66798",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/66798"
"name": "20140413 Adobe Reader for Android exposes insecure Javascript interfaces",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Apr/192"
},
{
"name" : "105781",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/105781"
"name": "http://www.securify.nl/advisory/SFY20140401/adobe_reader_for_android_exposes_insecure_javascript_interfaces.html",
"refsource": "MISC",
"url": "http://www.securify.nl/advisory/SFY20140401/adobe_reader_for_android_exposes_insecure_javascript_interfaces.html"
}
]
}

134
2014/0xxx/CVE-2014-0536.json
View File

@ -1,121 +1,121 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0536",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2014-0536",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors."
"lang": "eng",
"value": "Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://helpx.adobe.com/security/products/flash-player/apsb14-16.html",
"refsource" : "CONFIRM",
"url" : "http://helpx.adobe.com/security/products/flash-player/apsb14-16.html"
"name": "openSUSE-SU-2014:0798",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00029.html"
},
{
"name" : "GLSA-201406-17",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201406-17.xml"
"name": "openSUSE-SU-2014:0799",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00030.html"
},
{
"name" : "RHSA-2014:0745",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0745.html"
"name": "http://helpx.adobe.com/security/products/flash-player/apsb14-16.html",
"refsource": "CONFIRM",
"url": "http://helpx.adobe.com/security/products/flash-player/apsb14-16.html"
},
{
"name" : "SUSE-SU-2014:0806",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00021.html"
"name": "RHSA-2014:0745",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0745.html"
},
{
"name" : "openSUSE-SU-2014:0798",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00029.html"
"name": "59304",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59304"
},
{
"name" : "openSUSE-SU-2014:0799",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00030.html"
"name": "67961",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67961"
},
{
"name" : "67961",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/67961"
"name": "59053",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59053"
},
{
"name" : "1030368",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030368"
"name": "58465",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58465"
},
{
"name" : "58390",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/58390"
"name": "1030368",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030368"
},
{
"name" : "58465",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/58465"
"name": "SUSE-SU-2014:0806",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00021.html"
},
{
"name" : "58585",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/58585"
"name": "58585",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58585"
},
{
"name" : "59053",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59053"
"name": "58390",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58390"
},
{
"name" : "59304",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59304"
"name": "GLSA-201406-17",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-17.xml"
}
]
}

68
2014/0xxx/CVE-2014-0877.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0877",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-0877",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Cognos TM1 10.2.0.2 before IF1 and 10.2.2.0 before IF1 allows remote attackers to bypass intended access restrictions by visiting the Rights page and then following a generated link."
"lang": "eng",
"value": "IBM Cognos TM1 10.2.0.2 before IF1 and 10.2.2.0 before IF1 allows remote attackers to bypass intended access restrictions by visiting the Rights page and then following a generated link."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21682395",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21682395"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21682395",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682395"
},
{
"name" : "ibm-cognos-cve20140877-sec-bypass(91064)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91064"
"name": "ibm-cognos-cve20140877-sec-bypass(91064)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91064"
}
]
}

68
2014/0xxx/CVE-2014-0987.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0987",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-0987",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the NodeName2 parameter."
"lang": "eng",
"value": "Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the NodeName2 parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-14-261-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-14-261-01"
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-14-261-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-261-01"
},
{
"name" : "69532",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69532"
"name": "69532",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69532"
}
]
}

62
2014/1xxx/CVE-2014-1243.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1243",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2014-1243",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted track list in a movie file."
"lang": "eng",
"value": "Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted track list in a movie file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.apple.com/kb/HT6151",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT6151"
"name": "http://support.apple.com/kb/HT6151",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6151"
}
]
}

74
2014/4xxx/CVE-2014-4047.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4047",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4047",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Asterisk Open Source 1.8.x before 1.8.28.1, 11.x before 11.10.1, and 12.x before 12.3.1 and Certified Asterisk 1.8.15 before 1.8.15-cert6 and 11.6 before 11.6-cert3 allows remote attackers to cause a denial of service (connection consumption) via a large number of (1) inactive or (2) incomplete HTTP connections."
"lang": "eng",
"value": "Asterisk Open Source 1.8.x before 1.8.28.1, 11.x before 11.10.1, and 12.x before 12.3.1 and Certified Asterisk 1.8.15 before 1.8.15-cert6 and 11.6 before 11.6-cert3 allows remote attackers to cause a denial of service (connection consumption) via a large number of (1) inactive or (2) incomplete HTTP connections."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20140612 AST-2014-007: Exhaustion of Allowed Concurrent HTTP Connections",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/532415/100/0/threaded"
"name": "20140612 AST-2014-007: Exhaustion of Allowed Concurrent HTTP Connections",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/532415/100/0/threaded"
},
{
"name" : "http://packetstormsecurity.com/files/127089/Asterisk-Project-Security-Advisory-AST-2014-007.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/127089/Asterisk-Project-Security-Advisory-AST-2014-007.html"
"name": "http://packetstormsecurity.com/files/127089/Asterisk-Project-Security-Advisory-AST-2014-007.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127089/Asterisk-Project-Security-Advisory-AST-2014-007.html"
},
{
"name" : "http://downloads.asterisk.org/pub/security/AST-2014-007.html",
"refsource" : "CONFIRM",
"url" : "http://downloads.asterisk.org/pub/security/AST-2014-007.html"
"name": "http://downloads.asterisk.org/pub/security/AST-2014-007.html",
"refsource": "CONFIRM",
"url": "http://downloads.asterisk.org/pub/security/AST-2014-007.html"
}
]
}

128
2014/4xxx/CVE-2014-4420.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4420",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2014-4420",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4421."
"lang": "eng",
"value": "The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4421."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/kb/HT6535",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/kb/HT6535"
"name": "http://support.apple.com/kb/HT6441",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6441"
},
{
"name" : "http://support.apple.com/HT204244",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/HT204244"
"name": "1030866",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030866"
},
{
"name" : "http://support.apple.com/kb/HT6441",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT6441"
"name": "http://support.apple.com/kb/HT6442",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6442"
},
{
"name" : "http://support.apple.com/kb/HT6442",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT6442"
"name": "APPLE-SA-2014-10-16-1",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"name" : "APPLE-SA-2014-09-17-1",
"refsource" : "APPLE",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html"
"name": "APPLE-SA-2014-09-17-2",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html"
},
{
"name" : "APPLE-SA-2014-09-17-2",
"refsource" : "APPLE",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html"
"name": "69882",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69882"
},
{
"name" : "APPLE-SA-2014-10-16-1",
"refsource" : "APPLE",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
"name": "http://support.apple.com/HT204244",
"refsource": "CONFIRM",
"url": "http://support.apple.com/HT204244"
},
{
"name" : "APPLE-SA-2015-01-27-4",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
"name": "appleioscve20144420-info-disc(96102)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96102"
},
{
"name" : "69882",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69882"
"name": "https://support.apple.com/kb/HT6535",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT6535"
},
{
"name" : "69927",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69927"
"name": "APPLE-SA-2014-09-17-1",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html"
},
{
"name" : "1030866",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030866"
"name": "69927",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69927"
},
{
"name" : "appleioscve20144420-info-disc(96102)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/96102"
"name": "APPLE-SA-2015-01-27-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
}
]
}

74
2014/4xxx/CVE-2014-4574.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4574",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4574",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in resize.php in the WebEngage plugin before 2.0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the height parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in resize.php in the WebEngage plugin before 2.0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the height parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://codevigilant.com/disclosure/wp-plugin-webengage-a3-cross-site-scripting-xss",
"refsource" : "MISC",
"url" : "http://codevigilant.com/disclosure/wp-plugin-webengage-a3-cross-site-scripting-xss"
"name": "http://codevigilant.com/disclosure/wp-plugin-webengage-a3-cross-site-scripting-xss",
"refsource": "MISC",
"url": "http://codevigilant.com/disclosure/wp-plugin-webengage-a3-cross-site-scripting-xss"
},
{
"name" : "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=844373%40webengage&old=788585%40webengage&sfp_email=&sfph_mail=",
"refsource" : "MISC",
"url" : "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=844373%40webengage&old=788585%40webengage&sfp_email=&sfph_mail="
"name": "http://wordpress.org/plugins/webengage/changelog",
"refsource": "CONFIRM",
"url": "http://wordpress.org/plugins/webengage/changelog"
},
{
"name" : "http://wordpress.org/plugins/webengage/changelog",
"refsource" : "CONFIRM",
"url" : "http://wordpress.org/plugins/webengage/changelog"
"name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=844373%40webengage&old=788585%40webengage&sfp_email=&sfph_mail=",
"refsource": "MISC",
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=844373%40webengage&old=788585%40webengage&sfp_email=&sfph_mail="
}
]
}

22
2014/4xxx/CVE-2014-4675.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4675",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4675",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2014/9xxx/CVE-2014-9373.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9373",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9373",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in the CollectorConfInfoServlet servlet in ManageEngine NetFlow Analyzer allows remote attackers to execute arbitrary code via a .. (dot dot) in the filename."
"lang": "eng",
"value": "Directory traversal vulnerability in the CollectorConfInfoServlet servlet in ManageEngine NetFlow Analyzer allows remote attackers to execute arbitrary code via a .. (dot dot) in the filename."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-14-422/",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-14-422/"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-14-422/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-14-422/"
}
]
}

74
2016/3xxx/CVE-2016-3292.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3292",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-3292",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 10 and 11 mishandles integrity settings and zone settings, which allows remote attackers to bypass a sandbox protection mechanism via a crafted web site, aka \"Internet Explorer Elevation of Privilege Vulnerability.\""
"lang": "eng",
"value": "Microsoft Internet Explorer 10 and 11 mishandles integrity settings and zone settings, which allows remote attackers to bypass a sandbox protection mechanism via a crafted web site, aka \"Internet Explorer Elevation of Privilege Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS16-104",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-104"
"name": "92808",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92808"
},
{
"name" : "92808",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92808"
"name": "MS16-104",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-104"
},
{
"name" : "1036788",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036788"
"name": "1036788",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036788"
}
]
}

92
2016/3xxx/CVE-2016-3659.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3659",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-3659",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in graph_view.php in Cacti 0.8.8.g allows remote authenticated users to execute arbitrary SQL commands via the host_group_data parameter."
"lang": "eng",
"value": "SQL injection vulnerability in graph_view.php in Cacti 0.8.8.g allows remote authenticated users to execute arbitrary SQL commands via the host_group_data parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20160404 [CVE-2016-3659]Cacti graph_view.php SQL Injection Vulnerability",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2016/Apr/4"
"name": "GLSA-201607-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201607-05"
},
{
"name" : "http://bugs.cacti.net/view.php?id=2673",
"refsource" : "MISC",
"url" : "http://bugs.cacti.net/view.php?id=2673"
"name": "http://bugs.cacti.net/view.php?id=2673",
"refsource": "MISC",
"url": "http://bugs.cacti.net/view.php?id=2673"
},
{
"name" : "http://packetstormsecurity.com/files/136547/Cacti-0.8.8g-SQL-Injection.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/136547/Cacti-0.8.8g-SQL-Injection.html"
"name": "20160404 [CVE-2016-3659]Cacti graph_view.php SQL Injection Vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Apr/4"
},
{
"name" : "GLSA-201607-05",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201607-05"
"name": "openSUSE-SU-2016:1328",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00074.html"
},
{
"name" : "openSUSE-SU-2016:1328",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2016-05/msg00074.html"
"name": "85806",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/85806"
},
{
"name" : "85806",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/85806"
"name": "http://packetstormsecurity.com/files/136547/Cacti-0.8.8g-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/136547/Cacti-0.8.8g-SQL-Injection.html"
}
]
}

68
2016/6xxx/CVE-2016-6267.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6267",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6267",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SnmpUtils in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) spare_Community, (2) spare_AllowGroupIP, or (3) spare_AllowGroupNetmask parameter to admin_notification.php."
"lang": "eng",
"value": "SnmpUtils in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) spare_Community, (2) spare_AllowGroupIP, or (3) spare_AllowGroupNetmask parameter to admin_notification.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://qkaiser.github.io/pentesting/trendmicro/2016/08/08/trendmicro-sps/",
"refsource" : "MISC",
"url" : "https://qkaiser.github.io/pentesting/trendmicro/2016/08/08/trendmicro-sps/"
"name": "https://qkaiser.github.io/pentesting/trendmicro/2016/08/08/trendmicro-sps/",
"refsource": "MISC",
"url": "https://qkaiser.github.io/pentesting/trendmicro/2016/08/08/trendmicro-sps/"
},
{
"name" : "https://success.trendmicro.com/solution/1114913",
"refsource" : "CONFIRM",
"url" : "https://success.trendmicro.com/solution/1114913"
"name": "https://success.trendmicro.com/solution/1114913",
"refsource": "CONFIRM",
"url": "https://success.trendmicro.com/solution/1114913"
}
]
}

68
2016/6xxx/CVE-2016-6718.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2016-6718",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-6718",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android",
"version" : {
"version_data" : [
"product_name": "Android",
"version": {
"version_data": [
{
"version_value" : "Android-7.0"
"version_value": "Android-7.0"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
"vendor_name": "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in the Account Manager Service in Android 7.0 before 2016-11-01 could enable a local malicious application to retrieve sensitive information without user interaction. This issue is rated as Moderate because it is a local bypass of user interaction requirements (access to functionality that would normally require either user initiation or user permission.) Android ID: A-30455516."
"lang": "eng",
"value": "An elevation of privilege vulnerability in the Account Manager Service in Android 7.0 before 2016-11-01 could enable a local malicious application to retrieve sensitive information without user interaction. This issue is rated as Moderate because it is a local bypass of user interaction requirements (access to functionality that would normally require either user initiation or user permission.) Android ID: A-30455516."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Elevation of privilege"
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2016-11-01.html",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2016-11-01.html"
"name": "94175",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94175"
},
{
"name" : "94175",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94175"
"name": "https://source.android.com/security/bulletin/2016-11-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2016-11-01.html"
}
]
}

68
2016/7xxx/CVE-2016-7050.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7050",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7050",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to execute arbitrary code."
"lang": "eng",
"value": "SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to execute arbitrary code."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1378613",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1378613"
"name": "RHSA-2016:2604",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2604.html"
},
{
"name" : "RHSA-2016:2604",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2604.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378613",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378613"
}
]
}

22
2016/7xxx/CVE-2016-7120.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7120",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7120",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

116
2016/7xxx/CVE-2016-7130.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7130",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7130",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The php_wddx_pop_element function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid base64 binary value, as demonstrated by a wddx_deserialize call that mishandles a binary element in a wddxPacket XML document."
"lang": "eng",
"value": "The php_wddx_pop_element function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid base64 binary value, as demonstrated by a wddx_deserialize call that mishandles a binary element in a wddxPacket XML document."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20160902 Re: CVE assignment for PHP 5.6.25 and 7.0.10 - and libcurl",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2016/09/02/9"
"name": "http://www.php.net/ChangeLog-7.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/ChangeLog-7.php"
},
{
"name" : "http://www.php.net/ChangeLog-5.php",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/ChangeLog-5.php"
"name": "https://github.com/php/php-src/commit/698a691724c0a949295991e5df091ce16f899e02?w=1",
"refsource": "CONFIRM",
"url": "https://github.com/php/php-src/commit/698a691724c0a949295991e5df091ce16f899e02?w=1"
},
{
"name" : "http://www.php.net/ChangeLog-7.php",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/ChangeLog-7.php"
"name": "GLSA-201611-22",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"name" : "https://bugs.php.net/bug.php?id=72750",
"refsource" : "CONFIRM",
"url" : "https://bugs.php.net/bug.php?id=72750"
"name": "1036680",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036680"
},
{
"name" : "https://github.com/php/php-src/commit/698a691724c0a949295991e5df091ce16f899e02?w=1",
"refsource" : "CONFIRM",
"url" : "https://github.com/php/php-src/commit/698a691724c0a949295991e5df091ce16f899e02?w=1"
"name": "RHSA-2016:2750",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"name" : "https://www.tenable.com/security/tns-2016-19",
"refsource" : "CONFIRM",
"url" : "https://www.tenable.com/security/tns-2016-19"
"name": "92764",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92764"
},
{
"name" : "GLSA-201611-22",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201611-22"
"name": "http://www.php.net/ChangeLog-5.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"name" : "RHSA-2016:2750",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
"name": "https://www.tenable.com/security/tns-2016-19",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2016-19"
},
{
"name" : "92764",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92764"
"name": "[oss-security] 20160902 Re: CVE assignment for PHP 5.6.25 and 7.0.10 - and libcurl",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2016/09/02/9"
},
{
"name" : "1036680",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036680"
"name": "https://bugs.php.net/bug.php?id=72750",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=72750"
}
]
}

86
2016/7xxx/CVE-2016-7658.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@apple.com",
"ID" : "CVE-2016-7658",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-7658",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the \"Audio\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file."
"lang": "eng",
"value": "An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the \"Audio\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT207422",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207422"
"name": "https://support.apple.com/HT207487",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207487"
},
{
"name" : "https://support.apple.com/HT207423",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207423"
"name": "https://support.apple.com/HT207422",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207422"
},
{
"name" : "https://support.apple.com/HT207487",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207487"
"name": "94905",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94905"
},
{
"name" : "94905",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94905"
"name": "1037469",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037469"
},
{
"name" : "1037469",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037469"
"name": "https://support.apple.com/HT207423",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207423"
}
]
}

92
2016/7xxx/CVE-2016-7923.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7923",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7923",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print()."
"lang": "eng",
"value": "The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print()."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1494526.html",
"refsource" : "CONFIRM",
"url" : "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1494526.html"
"name": "1037755",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037755"
},
{
"name" : "DSA-3775",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2017/dsa-3775"
"name": "DSA-3775",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3775"
},
{
"name" : "GLSA-201702-30",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201702-30"
"name": "RHSA-2017:1871",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1871"
},
{
"name" : "RHSA-2017:1871",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:1871"
"name": "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1494526.html",
"refsource": "CONFIRM",
"url": "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1494526.html"
},
{
"name" : "95852",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95852"
"name": "95852",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95852"
},
{
"name" : "1037755",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037755"
"name": "GLSA-201702-30",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201702-30"
}
]
}

80
2016/8xxx/CVE-2016-8022.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@intel.com",
"ID" : "CVE-2016-8022",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2016-8022",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "VirusScan Enterprise Linux (VSEL)",
"version" : {
"version_data" : [
"product_name": "VirusScan Enterprise Linux (VSEL)",
"version": {
"version_data": [
{
"version_value" : "2.0.3 (and earlier)"
"version_value": "2.0.3 (and earlier)"
}
]
}
}
]
},
"vendor_name" : "Intel"
"vendor_name": "Intel"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie."
"lang": "eng",
"value": "Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Authentication bypass by spoofing vulnerability"
"lang": "eng",
"value": "Authentication bypass by spoofing vulnerability"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "40911",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/40911/"
"name": "94823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10181",
"refsource" : "CONFIRM",
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10181"
"name": "1037433",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"name" : "94823",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94823"
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10181",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10181"
},
{
"name" : "1037433",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037433"
"name": "40911",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40911/"
}
]
}

22
2016/8xxx/CVE-2016-8046.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8046",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8046",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2016/8xxx/CVE-2016-8163.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8163",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8163",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

70
2016/8xxx/CVE-2016-8402.json
View File

@ -1,69 +1,69 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2016-8402",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-8402",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android",
"version" : {
"version_data" : [
"product_name": "Android",
"version": {
"version_data": [
{
"version_value" : "Kernel-3.10"
"version_value": "Kernel-3.10"
},
{
"version_value" : "Kernel-3.18"
"version_value": "Kernel-3.18"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
"vendor_name": "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31495231."
"lang": "eng",
"value": "An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31495231."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Information disclosure"
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2016-12-01.html",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2016-12-01.html"
"name": "https://source.android.com/security/bulletin/2016-12-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2016-12-01.html"
},
{
"name" : "94686",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94686"
"name": "94686",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94686"
}
]
}

22
2016/8xxx/CVE-2016-8989.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8989",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8989",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2016/9xxx/CVE-2016-9343.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "ics-cert@hq.dhs.gov",
"ID" : "CVE-2016-9343",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-9343",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00",
"version" : {
"version_data" : [
"product_name": "Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00",
"version": {
"version_data": [
{
"version_value" : "Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00"
"version_value": "Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service."
"lang": "eng",
"value": "An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability"
"lang": "eng",
"value": "Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05"
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05"
},
{
"name" : "95304",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95304"
"name": "95304",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95304"
}
]
}