diff --git a/2006/0xxx/CVE-2006-0289.json b/2006/0xxx/CVE-2006-0289.json index 99b28e876b1..dc3e120f41a 100644 --- a/2006/0xxx/CVE-2006-0289.json +++ b/2006/0xxx/CVE-2006-0289.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0289", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in Oracle Application Server 6.0.8.26(PS17) and E-Business Suite and Applications 11.5.10 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) REP05 and (2) REP06 in the Oracle Reports Developer component. NOTE: Oracle has not disputed reliable researcher claims that REP05 is the same as CVE-2005-2378 and REP06 is the same as CVE-2005-2371, both of which involve directory traversal." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0289", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060117 Oracle Reports - Overwrite any application server file via desname (fixed after 889 days)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/422257/30/7430/threaded" - }, - { - "name" : "20060117 Oracle Reports - Read parts of files via desname (fixed after 874 days)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/422256/30/7430/threaded" - }, - { - "name" : "http://www.red-database-security.com/advisory/oracle_reports_overwrite_any_file.html", - "refsource" : "MISC", - "url" : "http://www.red-database-security.com/advisory/oracle_reports_overwrite_any_file.html" - }, - { - "name" : "http://www.red-database-security.com/advisory/oracle_reports_read_any_file.html", - "refsource" : "MISC", - "url" : "http://www.red-database-security.com/advisory/oracle_reports_read_any_file.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html" - }, - { - "name" : "VU#545804", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/545804" - }, - { - "name" : "16287", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16287" - }, - { - "name" : "ADV-2006-0243", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0243" - }, - { - "name" : "ADV-2006-0323", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0323" - }, - { - "name" : "1015499", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015499" - }, - { - "name" : "18493", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18493" - }, - { - "name" : "18608", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18608" - }, - { - "name" : "oracle-january2006-update(24321)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in Oracle Application Server 6.0.8.26(PS17) and E-Business Suite and Applications 11.5.10 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) REP05 and (2) REP06 in the Oracle Reports Developer component. NOTE: Oracle has not disputed reliable researcher claims that REP05 is the same as CVE-2005-2378 and REP06 is the same as CVE-2005-2371, both of which involve directory traversal." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oracle-january2006-update(24321)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321" + }, + { + "name": "20060117 Oracle Reports - Read parts of files via desname (fixed after 874 days)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/422256/30/7430/threaded" + }, + { + "name": "http://www.red-database-security.com/advisory/oracle_reports_read_any_file.html", + "refsource": "MISC", + "url": "http://www.red-database-security.com/advisory/oracle_reports_read_any_file.html" + }, + { + "name": "18493", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18493" + }, + { + "name": "ADV-2006-0323", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0323" + }, + { + "name": "16287", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16287" + }, + { + "name": "20060117 Oracle Reports - Overwrite any application server file via desname (fixed after 889 days)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/422257/30/7430/threaded" + }, + { + "name": "http://www.red-database-security.com/advisory/oracle_reports_overwrite_any_file.html", + "refsource": "MISC", + "url": "http://www.red-database-security.com/advisory/oracle_reports_overwrite_any_file.html" + }, + { + "name": "VU#545804", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/545804" + }, + { + "name": "1015499", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015499" + }, + { + "name": "ADV-2006-0243", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0243" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html" + }, + { + "name": "18608", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18608" + } + ] + } +} \ No newline at end of file diff --git a/2006/0xxx/CVE-2006-0302.json b/2006/0xxx/CVE-2006-0302.json index 751b38b990c..21b6eea0aa6 100644 --- a/2006/0xxx/CVE-2006-0302.json +++ b/2006/0xxx/CVE-2006-0302.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0302", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ZyXel P2000W VoIP 802.11b Wireless Phone running firmware WV.00.02 allows remote attackers to obtain sensitive information, such as MAC address and software version, by directly accessing UDP port 9090." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0302", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060116 ZyXel P2000W (Version 2) VoIP wireless phone undocumented port UDP/9090", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041438.html" - }, - { - "name" : "16285", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16285" - }, - { - "name" : "22516", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/22516" - }, - { - "name" : "18511", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18511" - }, - { - "name" : "zyxel-p2000w-default-port(24145)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24145" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ZyXel P2000W VoIP 802.11b Wireless Phone running firmware WV.00.02 allows remote attackers to obtain sensitive information, such as MAC address and software version, by directly accessing UDP port 9090." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060116 ZyXel P2000W (Version 2) VoIP wireless phone undocumented port UDP/9090", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041438.html" + }, + { + "name": "22516", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/22516" + }, + { + "name": "16285", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16285" + }, + { + "name": "18511", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18511" + }, + { + "name": "zyxel-p2000w-default-port(24145)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24145" + } + ] + } +} \ No newline at end of file diff --git a/2006/0xxx/CVE-2006-0388.json b/2006/0xxx/CVE-2006-0388.json index c0c04e0321b..2c7c13b6904 100644 --- a/2006/0xxx/CVE-2006-0388.json +++ b/2006/0xxx/CVE-2006-0388.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0388", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Safari in Mac OS X 10.3 before 10.3.9 and 10.4 before 10.4.5 allows remote attackers to redirect users to local files and execute arbitrary JavaScript via unspecified vectors involving HTTP redirection to local resources." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0388", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://docs.info.apple.com/article.html?artnum=303382", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=303382" - }, - { - "name" : "APPLE-SA-2006-03-01", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html" - }, - { - "name" : "TA06-062A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA06-062A.html" - }, - { - "name" : "16907", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16907" - }, - { - "name" : "ADV-2006-0791", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0791" - }, - { - "name" : "1015713", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015713" - }, - { - "name" : "19064", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19064" - }, - { - "name" : "macosx-safari-http-redirect(25038)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25038" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Safari in Mac OS X 10.3 before 10.3.9 and 10.4 before 10.4.5 allows remote attackers to redirect users to local files and execute arbitrary JavaScript via unspecified vectors involving HTTP redirection to local resources." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19064", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19064" + }, + { + "name": "16907", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16907" + }, + { + "name": "1015713", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015713" + }, + { + "name": "ADV-2006-0791", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0791" + }, + { + "name": "APPLE-SA-2006-03-01", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html" + }, + { + "name": "TA06-062A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA06-062A.html" + }, + { + "name": "macosx-safari-http-redirect(25038)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25038" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=303382", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=303382" + } + ] + } +} \ No newline at end of file diff --git a/2006/0xxx/CVE-2006-0543.json b/2006/0xxx/CVE-2006-0543.json index 831e9777a4f..460df8e5ea3 100644 --- a/2006/0xxx/CVE-2006-0543.json +++ b/2006/0xxx/CVE-2006-0543.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0543", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cerulean Trillian 3.1.0.120 allows remote attackers to cause a denial of service (client crash) via an AIM message containing the Mac encoded Rich Text Format (RTF) escape sequences (1) \\'d1, (2) \\'d2, (3) \\'d3, (4) \\'d4, and (5) \\'d5. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0543", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "22877", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/22877" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cerulean Trillian 3.1.0.120 allows remote attackers to cause a denial of service (client crash) via an AIM message containing the Mac encoded Rich Text Format (RTF) escape sequences (1) \\'d1, (2) \\'d2, (3) \\'d3, (4) \\'d4, and (5) \\'d5. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22877", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/22877" + } + ] + } +} \ No newline at end of file diff --git a/2006/0xxx/CVE-2006-0779.json b/2006/0xxx/CVE-2006-0779.json index 553def68d58..0a0b74212ff 100644 --- a/2006/0xxx/CVE-2006-0779.json +++ b/2006/0xxx/CVE-2006-0779.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0779", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in u2u.php in XMB Forums 1.9.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter, as demonstrated using a URL-encoded iframe tag." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0779", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060212 XMB Forums Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/425084/100/0/threaded" - }, - { - "name" : "http://www.gulftech.org/?node=research&article_id=00100-02122006", - "refsource" : "MISC", - "url" : "http://www.gulftech.org/?node=research&article_id=00100-02122006" - }, - { - "name" : "http://www.xmbforum.com/", - "refsource" : "MISC", - "url" : "http://www.xmbforum.com/" - }, - { - "name" : "16604", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16604" - }, - { - "name" : "ADV-2006-0529", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0529" - }, - { - "name" : "23119", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/23119" - }, - { - "name" : "xmbforum-u2u-xss(24647)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24647" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in u2u.php in XMB Forums 1.9.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter, as demonstrated using a URL-encoded iframe tag." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060212 XMB Forums Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/425084/100/0/threaded" + }, + { + "name": "ADV-2006-0529", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0529" + }, + { + "name": "xmbforum-u2u-xss(24647)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24647" + }, + { + "name": "16604", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16604" + }, + { + "name": "23119", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/23119" + }, + { + "name": "http://www.xmbforum.com/", + "refsource": "MISC", + "url": "http://www.xmbforum.com/" + }, + { + "name": "http://www.gulftech.org/?node=research&article_id=00100-02122006", + "refsource": "MISC", + "url": "http://www.gulftech.org/?node=research&article_id=00100-02122006" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1297.json b/2006/1xxx/CVE-2006-1297.json index 2d768b99d51..2095a153a0c 100644 --- a/2006/1xxx/CVE-2006-1297.json +++ b/2006/1xxx/CVE-2006-1297.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1297", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Veritas Backup Exec for Windows Server Remote Agent 9.1 through 10.1, for Netware Servers and Remote Agent 9.1 and 9.2, and Remote Agent for Linux Servers 10.0 and 10.1 allow attackers to cause a denial of service (application crash or unavailability) due to \"memory errors.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1297", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060317 Symantec Security Advisory SYM06-004", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/428016/100/0/threaded" - }, - { - "name" : "http://www.symantec.com/avcenter/security/Content/2006.03.17a.html", - "refsource" : "CONFIRM", - "url" : "http://www.symantec.com/avcenter/security/Content/2006.03.17a.html" - }, - { - "name" : "17098", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17098" - }, - { - "name" : "ADV-2006-0995", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0995" - }, - { - "name" : "1015784", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015784" - }, - { - "name" : "19242", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19242" - }, - { - "name" : "597", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/597" - }, - { - "name" : "backupexec-app-memory-dos(25309)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25309" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Veritas Backup Exec for Windows Server Remote Agent 9.1 through 10.1, for Netware Servers and Remote Agent 9.1 and 9.2, and Remote Agent for Linux Servers 10.0 and 10.1 allow attackers to cause a denial of service (application crash or unavailability) due to \"memory errors.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1015784", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015784" + }, + { + "name": "597", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/597" + }, + { + "name": "http://www.symantec.com/avcenter/security/Content/2006.03.17a.html", + "refsource": "CONFIRM", + "url": "http://www.symantec.com/avcenter/security/Content/2006.03.17a.html" + }, + { + "name": "17098", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17098" + }, + { + "name": "backupexec-app-memory-dos(25309)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25309" + }, + { + "name": "ADV-2006-0995", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0995" + }, + { + "name": "20060317 Symantec Security Advisory SYM06-004", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/428016/100/0/threaded" + }, + { + "name": "19242", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19242" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1319.json b/2006/1xxx/CVE-2006-1319.json index 91405f4a14d..a3fb521094b 100644 --- a/2006/1xxx/CVE-2006-1319.json +++ b/2006/1xxx/CVE-2006-1319.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1319", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gid_t type." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1319", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356016", - "refsource" : "CONFIRM", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356016" - }, - { - "name" : "17179", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17179" - }, - { - "name" : "19323", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19323" - }, - { - "name" : "runit-chpst-gain-privileges(25419)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25419" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gid_t type." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "17179", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17179" + }, + { + "name": "runit-chpst-gain-privileges(25419)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25419" + }, + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356016", + "refsource": "CONFIRM", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356016" + }, + { + "name": "19323", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19323" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1473.json b/2006/1xxx/CVE-2006-1473.json index 583bb6c6368..aab20a123bc 100644 --- a/2006/1xxx/CVE-2006-1473.json +++ b/2006/1xxx/CVE-2006-1473.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1473", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in AFP Server for Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1473", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "APPLE-SA-2006-08-01", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html" - }, - { - "name" : "TA06-214A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA06-214A.html" - }, - { - "name" : "VU#575372", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/575372" - }, - { - "name" : "19289", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/19289" - }, - { - "name" : "ADV-2006-3101", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3101" - }, - { - "name" : "27731", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/27731" - }, - { - "name" : "1016620", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016620" - }, - { - "name" : "21253", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21253" - }, - { - "name" : "macosx-afp-overflow(28135)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28135" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in AFP Server for Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#575372", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/575372" + }, + { + "name": "APPLE-SA-2006-08-01", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html" + }, + { + "name": "ADV-2006-3101", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3101" + }, + { + "name": "21253", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21253" + }, + { + "name": "19289", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/19289" + }, + { + "name": "TA06-214A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA06-214A.html" + }, + { + "name": "1016620", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016620" + }, + { + "name": "macosx-afp-overflow(28135)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28135" + }, + { + "name": "27731", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/27731" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3000.json b/2006/3xxx/CVE-2006-3000.json index 31ec9a17e45..47a59a34fde 100644 --- a/2006/3xxx/CVE-2006-3000.json +++ b/2006/3xxx/CVE-2006-3000.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3000", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in search.php in OkScripts OkArticles 1.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-3000", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060608 okscripts.com - XSS Vulns", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/436561" - }, - { - "name" : "ADV-2006-2276", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2276" - }, - { - "name" : "20593", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20593" - }, - { - "name" : "1080", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1080" - }, - { - "name" : "okarticles-search-xss(27134)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27134" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in search.php in OkScripts OkArticles 1.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "okarticles-search-xss(27134)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27134" + }, + { + "name": "20060608 okscripts.com - XSS Vulns", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/436561" + }, + { + "name": "20593", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20593" + }, + { + "name": "ADV-2006-2276", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2276" + }, + { + "name": "1080", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1080" + } + ] + } +} \ No newline at end of file diff --git a/2006/4xxx/CVE-2006-4132.json b/2006/4xxx/CVE-2006-4132.json index 8067321f5c3..075eece7f2c 100644 --- a/2006/4xxx/CVE-2006-4132.json +++ b/2006/4xxx/CVE-2006-4132.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-4132", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ArcSoft MMS Composer 1.5.5.6 and possibly earlier, and 2.0.0.13 and possibly earlier, allow remote attackers to cause a denial of service (resource exhaustion and application crash) via WAPPush messages to UDP port UDP 2948." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-4132", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060810 PocketPC MMS - Remote Code Injection/Execution Vulnerability andDenial-of-Service", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/442841/100/0/threaded" - }, - { - "name" : "20060809 PocketPC MMS - Remote Code Injection/Execution Vulnerability and Denial-of-Service", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048614.html" - }, - { - "name" : "http://www.arcsoft.com/support/downloads/download_patches/mms.asp", - "refsource" : "MISC", - "url" : "http://www.arcsoft.com/support/downloads/download_patches/mms.asp" - }, - { - "name" : "2156", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2156" - }, - { - "name" : "http://www.mulliner.org/pocketpc/CollinMulliner_defcon14_pocketpcphones.pdf", - "refsource" : "MISC", - "url" : "http://www.mulliner.org/pocketpc/CollinMulliner_defcon14_pocketpcphones.pdf" - }, - { - "name" : "19451", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/19451" - }, - { - "name" : "21426", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21426" - }, - { - "name" : "1387", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1387" - }, - { - "name" : "mmscomposer-wappush-dos(28344)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28344" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ArcSoft MMS Composer 1.5.5.6 and possibly earlier, and 2.0.0.13 and possibly earlier, allow remote attackers to cause a denial of service (resource exhaustion and application crash) via WAPPush messages to UDP port UDP 2948." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19451", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/19451" + }, + { + "name": "mmscomposer-wappush-dos(28344)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28344" + }, + { + "name": "1387", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1387" + }, + { + "name": "2156", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2156" + }, + { + "name": "20060810 PocketPC MMS - Remote Code Injection/Execution Vulnerability andDenial-of-Service", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/442841/100/0/threaded" + }, + { + "name": "http://www.arcsoft.com/support/downloads/download_patches/mms.asp", + "refsource": "MISC", + "url": "http://www.arcsoft.com/support/downloads/download_patches/mms.asp" + }, + { + "name": "20060809 PocketPC MMS - Remote Code Injection/Execution Vulnerability and Denial-of-Service", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048614.html" + }, + { + "name": "http://www.mulliner.org/pocketpc/CollinMulliner_defcon14_pocketpcphones.pdf", + "refsource": "MISC", + "url": "http://www.mulliner.org/pocketpc/CollinMulliner_defcon14_pocketpcphones.pdf" + }, + { + "name": "21426", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21426" + } + ] + } +} \ No newline at end of file diff --git a/2006/4xxx/CVE-2006-4506.json b/2006/4xxx/CVE-2006-4506.json index 9493eeedb95..5c9fb94865f 100644 --- a/2006/4xxx/CVE-2006-4506.json +++ b/2006/4xxx/CVE-2006-4506.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-4506", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "idmlib.sh in nxdrv in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors, possibly involving the \" (quote) and \\ (backslash) characters and eval injection." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-4506", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974299.htm", - "refsource" : "CONFIRM", - "url" : "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974299.htm" - }, - { - "name" : "19688", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/19688" - }, - { - "name" : "1016741", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016741" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "idmlib.sh in nxdrv in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors, possibly involving the \" (quote) and \\ (backslash) characters and eval injection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1016741", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016741" + }, + { + "name": "19688", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/19688" + }, + { + "name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974299.htm", + "refsource": "CONFIRM", + "url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974299.htm" + } + ] + } +} \ No newline at end of file diff --git a/2010/2xxx/CVE-2010-2066.json b/2010/2xxx/CVE-2010-2066.json index 90c75229856..d4d67f84323 100644 --- a/2010/2xxx/CVE-2010-2066.json +++ b/2010/2xxx/CVE-2010-2066.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-2066", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT ioctl call that specifies this file as a donor." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-2066", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/516397/100/0/threaded" - }, - { - "name" : "[oss-security] 20100607 CVE request - kernel: ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/06/07/1" - }, - { - "name" : "[oss-security] 20100609 Re: CVE request - kernel: ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/06/09/1" - }, - { - "name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1f5a81e41f8b1a782c68d3843e9ec1bfaadf7d72", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1f5a81e41f8b1a782c68d3843e9ec1bfaadf7d72" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=601006", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=601006" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" - }, - { - "name" : "RHSA-2010:0610", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0610.html" - }, - { - "name" : "SUSE-SA:2010:033", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00000.html" - }, - { - "name" : "USN-1000-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1000-1" - }, - { - "name" : "43315", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43315" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT ioctl call that specifies this file as a donor." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2010:0610", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0610.html" + }, + { + "name": "USN-1000-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1000-1" + }, + { + "name": "SUSE-SA:2010:033", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00000.html" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35" + }, + { + "name": "[oss-security] 20100607 CVE request - kernel: ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/06/07/1" + }, + { + "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1f5a81e41f8b1a782c68d3843e9ec1bfaadf7d72", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1f5a81e41f8b1a782c68d3843e9ec1bfaadf7d72" + }, + { + "name": "43315", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43315" + }, + { + "name": "[oss-security] 20100609 Re: CVE request - kernel: ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/06/09/1" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=601006", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=601006" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" + }, + { + "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2010/2xxx/CVE-2010-2366.json b/2010/2xxx/CVE-2010-2366.json index f4eb6d79980..0bb7f512e40 100644 --- a/2010/2xxx/CVE-2010-2366.json +++ b/2010/2xxx/CVE-2010-2366.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-2366", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in futomi CGI Cafe Access Analyzer CGI Professional, and Standard 4.0.2 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-2366", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.futomi.com/library/info/2010/20100910.html", - "refsource" : "CONFIRM", - "url" : "http://www.futomi.com/library/info/2010/20100910.html" - }, - { - "name" : "JVN#35605523", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN35605523/index.html" - }, - { - "name" : "JVNDB-2010-000035", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000035.html" - }, - { - "name" : "43142", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/43142" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in futomi CGI Cafe Access Analyzer CGI Professional, and Standard 4.0.2 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#35605523", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN35605523/index.html" + }, + { + "name": "43142", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/43142" + }, + { + "name": "JVNDB-2010-000035", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000035.html" + }, + { + "name": "http://www.futomi.com/library/info/2010/20100910.html", + "refsource": "CONFIRM", + "url": "http://www.futomi.com/library/info/2010/20100910.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/2xxx/CVE-2010-2596.json b/2010/2xxx/CVE-2010-2596.json index 3d23fe23b5d..642bc71976b 100644 --- a/2010/2xxx/CVE-2010-2596.json +++ b/2010/2xxx/CVE-2010-2596.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-2596", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The OJPEGPostDecode function in tif_ojpeg.c in LibTIFF 3.9.0 and 3.9.2, as used in tiff2ps, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted TIFF image, related to \"downsampled OJPEG input.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-2596", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20100623 CVE requests: LibTIFF", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=oss-security&m=127731610612908&w=2" - }, - { - "name" : "http://bugzilla.maptools.org/show_bug.cgi?id=2209", - "refsource" : "CONFIRM", - "url" : "http://bugzilla.maptools.org/show_bug.cgi?id=2209" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=583081", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=583081" - }, - { - "name" : "GLSA-201209-02", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201209-02.xml" - }, - { - "name" : "40422", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40422" - }, - { - "name" : "50726", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/50726" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The OJPEGPostDecode function in tif_ojpeg.c in LibTIFF 3.9.0 and 3.9.2, as used in tiff2ps, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted TIFF image, related to \"downsampled OJPEG input.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20100623 CVE requests: LibTIFF", + "refsource": "MLIST", + "url": "http://marc.info/?l=oss-security&m=127731610612908&w=2" + }, + { + "name": "http://bugzilla.maptools.org/show_bug.cgi?id=2209", + "refsource": "CONFIRM", + "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2209" + }, + { + "name": "GLSA-201209-02", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml" + }, + { + "name": "40422", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40422" + }, + { + "name": "50726", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/50726" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=583081", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=583081" + } + ] + } +} \ No newline at end of file diff --git a/2010/2xxx/CVE-2010-2717.json b/2010/2xxx/CVE-2010-2717.json index 71fd78ecc33..4a6c71a08d0 100644 --- a/2010/2xxx/CVE-2010-2717.json +++ b/2010/2xxx/CVE-2010-2717.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-2717", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in manager/login.php in CruxSoftware CruxCMS 3.0, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the txtusername parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-2717", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20100708 XSS vulnerability in CruxCMS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/512245/100/0/threaded" - }, - { - "name" : "http://www.htbridge.ch/advisory/xss_vulnerability_in_cruxcms_1.html", - "refsource" : "MISC", - "url" : "http://www.htbridge.ch/advisory/xss_vulnerability_in_cruxcms_1.html" - }, - { - "name" : "ADV-2010-1708", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1708" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in manager/login.php in CruxSoftware CruxCMS 3.0, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the txtusername parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20100708 XSS vulnerability in CruxCMS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/512245/100/0/threaded" + }, + { + "name": "ADV-2010-1708", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1708" + }, + { + "name": "http://www.htbridge.ch/advisory/xss_vulnerability_in_cruxcms_1.html", + "refsource": "MISC", + "url": "http://www.htbridge.ch/advisory/xss_vulnerability_in_cruxcms_1.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3114.json b/2010/3xxx/CVE-2010-3114.json index 3d3650d0b7a..0ac96cd4a89 100644 --- a/2010/3xxx/CVE-2010-3114.json +++ b/2010/3xxx/CVE-2010-3114.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3114", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The text-editing implementation in Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not check a node type before performing a cast, which has unspecified impact and attack vectors related to (1) DeleteSelectionCommand.cpp, (2) InsertLineBreakCommand.cpp, or (3) InsertParagraphSeparatorCommand.cpp in WebCore/editing/." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-3114", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=49628", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=49628" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html" - }, - { - "name" : "http://trac.webkit.org/changeset/63773", - "refsource" : "CONFIRM", - "url" : "http://trac.webkit.org/changeset/63773" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=628035", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=628035" - }, - { - "name" : "MDVSA-2011:039", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" - }, - { - "name" : "RHSA-2011:0177", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0177.html" - }, - { - "name" : "USN-1006-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1006-1" - }, - { - "name" : "44201", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/44201" - }, - { - "name" : "oval:org.mitre.oval:def:11577", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11577" - }, - { - "name" : "41856", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41856" - }, - { - "name" : "43086", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43086" - }, - { - "name" : "ADV-2010-2722", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/2722" - }, - { - "name" : "ADV-2011-0216", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0216" - }, - { - "name" : "ADV-2011-0552", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0552" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The text-editing implementation in Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not check a node type before performing a cast, which has unspecified impact and attack vectors related to (1) DeleteSelectionCommand.cpp, (2) InsertLineBreakCommand.cpp, or (3) InsertParagraphSeparatorCommand.cpp in WebCore/editing/." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDVSA-2011:039", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" + }, + { + "name": "ADV-2010-2722", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/2722" + }, + { + "name": "http://trac.webkit.org/changeset/63773", + "refsource": "CONFIRM", + "url": "http://trac.webkit.org/changeset/63773" + }, + { + "name": "http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html" + }, + { + "name": "USN-1006-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1006-1" + }, + { + "name": "41856", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41856" + }, + { + "name": "ADV-2011-0216", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0216" + }, + { + "name": "43086", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43086" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=49628", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=49628" + }, + { + "name": "oval:org.mitre.oval:def:11577", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11577" + }, + { + "name": "44201", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/44201" + }, + { + "name": "RHSA-2011:0177", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0177.html" + }, + { + "name": "ADV-2011-0552", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0552" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=628035", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=628035" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3135.json b/2010/3xxx/CVE-2010-3135.json index 6a70277ec31..e43874c3b0b 100644 --- a/2010/3xxx/CVE-2010-3135.json +++ b/2010/3xxx/CVE-2010-3135.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3135", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Untrusted search path vulnerability in Cisco Packet Tracer 5.2 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll that is located in the same folder as a .pkt or .pkz file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-3135", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "14774", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/14774" - }, - { - "name" : "cisco-tracer-dll-code-exec(64483)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64483" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Untrusted search path vulnerability in Cisco Packet Tracer 5.2 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll that is located in the same folder as a .pkt or .pkz file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "cisco-tracer-dll-code-exec(64483)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64483" + }, + { + "name": "14774", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/14774" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3653.json b/2010/3xxx/CVE-2010-3653.json index f73d0a21c87..7778d17009e 100644 --- a/2010/3xxx/CVE-2010-3653.json +++ b/2010/3xxx/CVE-2010-3653.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3653", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Director module (dirapi.dll) in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted rcsL chunk containing a field whose value is used as a pointer offset, as exploited in the wild in October 2010. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2010-3653", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "15296", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/15296" - }, - { - "name" : "http://www.abysssec.com/blog/2010/10/adobe-shockwave-player-rcsl-chunk-memory-corruption-0day/", - "refsource" : "MISC", - "url" : "http://www.abysssec.com/blog/2010/10/adobe-shockwave-player-rcsl-chunk-memory-corruption-0day/" - }, - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb10-25.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb10-25.html" - }, - { - "name" : "VU#402231", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/402231" - }, - { - "name" : "44291", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/44291" - }, - { - "name" : "oval:org.mitre.oval:def:11285", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11285" - }, - { - "name" : "1024635", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1024635" - }, - { - "name" : "ADV-2010-2752", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/2752" - }, - { - "name" : "adobe-shockwave-rcsl-code-exec(62688)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/62688" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Director module (dirapi.dll) in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted rcsL chunk containing a field whose value is used as a pointer offset, as exploited in the wild in October 2010. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.adobe.com/support/security/bulletins/apsb10-25.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb10-25.html" + }, + { + "name": "adobe-shockwave-rcsl-code-exec(62688)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62688" + }, + { + "name": "http://www.abysssec.com/blog/2010/10/adobe-shockwave-player-rcsl-chunk-memory-corruption-0day/", + "refsource": "MISC", + "url": "http://www.abysssec.com/blog/2010/10/adobe-shockwave-player-rcsl-chunk-memory-corruption-0day/" + }, + { + "name": "15296", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/15296" + }, + { + "name": "VU#402231", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/402231" + }, + { + "name": "oval:org.mitre.oval:def:11285", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11285" + }, + { + "name": "44291", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/44291" + }, + { + "name": "1024635", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1024635" + }, + { + "name": "ADV-2010-2752", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/2752" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4141.json b/2010/4xxx/CVE-2010-4141.json index 1db3cea5afa..64fabc4c202 100644 --- a/2010/4xxx/CVE-2010-4141.json +++ b/2010/4xxx/CVE-2010-4141.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4141", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2010-4141", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4167.json b/2010/4xxx/CVE-2010-4167.json index bbb76a35d4b..cb82ee6b712 100644 --- a/2010/4xxx/CVE-2010-4167.json +++ b/2010/4xxx/CVE-2010-4167.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4167", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-4167", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20101112 CVE request: ImageMagick opens config files in $CWD", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/11/13/1" - }, - { - "name" : "[oss-security] 20101115 Re: CVE request: ImageMagick opens config files in $CWD", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/11/15/3" - }, - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601824", - "refsource" : "CONFIRM", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601824" - }, - { - "name" : "http://www.imagemagick.org/script/changelog.php", - "refsource" : "CONFIRM", - "url" : "http://www.imagemagick.org/script/changelog.php" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=652860", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=652860" - }, - { - "name" : "FEDORA-2010-19025", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052515.html" - }, - { - "name" : "FEDORA-2010-19056", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052599.html" - }, - { - "name" : "RHSA-2012:0544", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-0544.html" - }, - { - "name" : "USN-1028-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1028-1" - }, - { - "name" : "45044", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/45044" - }, - { - "name" : "42497", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42497" - }, - { - "name" : "42744", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42744" - }, - { - "name" : "49063", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/49063" - }, - { - "name" : "48100", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/48100" - }, - { - "name" : "ADV-2010-3150", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/3150" - }, - { - "name" : "ADV-2010-3322", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/3322" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "42497", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42497" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=652860", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=652860" + }, + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601824", + "refsource": "CONFIRM", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601824" + }, + { + "name": "USN-1028-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1028-1" + }, + { + "name": "[oss-security] 20101115 Re: CVE request: ImageMagick opens config files in $CWD", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/11/15/3" + }, + { + "name": "42744", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42744" + }, + { + "name": "49063", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/49063" + }, + { + "name": "http://www.imagemagick.org/script/changelog.php", + "refsource": "CONFIRM", + "url": "http://www.imagemagick.org/script/changelog.php" + }, + { + "name": "45044", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/45044" + }, + { + "name": "FEDORA-2010-19025", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052515.html" + }, + { + "name": "ADV-2010-3322", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/3322" + }, + { + "name": "ADV-2010-3150", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/3150" + }, + { + "name": "FEDORA-2010-19056", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052599.html" + }, + { + "name": "RHSA-2012:0544", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-0544.html" + }, + { + "name": "[oss-security] 20101112 CVE request: ImageMagick opens config files in $CWD", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/11/13/1" + }, + { + "name": "48100", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/48100" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4500.json b/2010/4xxx/CVE-2010-4500.json index e6df4044500..11d03379868 100644 --- a/2010/4xxx/CVE-2010-4500.json +++ b/2010/4xxx/CVE-2010-4500.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4500", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY (MCG) FreeTicket 1.0.0, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) subject, and (4) message parameters in a sendmess action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4500", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "45067", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/45067" - }, - { - "name" : "42313", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42313" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY (MCG) FreeTicket 1.0.0, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) subject, and (4) message parameters in a sendmess action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "42313", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42313" + }, + { + "name": "45067", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/45067" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4588.json b/2010/4xxx/CVE-2010-4588.json index ed06fb63f80..22011655099 100644 --- a/2010/4xxx/CVE-2010-4588.json +++ b/2010/4xxx/CVE-2010-4588.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4588", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The WBEMSingleView.ocx ActiveX control 1.50.1131.0 in Microsoft WMI Administrative Tools 1.1 and earlier allows remote attackers to execute arbitrary code via a crafted argument to the ReleaseContext method, a different vector than CVE-2010-3973, possibly an untrusted pointer dereference." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4588", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://twitter.com/carsteneiram/status/17526155733110784", - "refsource" : "MISC", - "url" : "http://twitter.com/carsteneiram/status/17526155733110784" - }, - { - "name" : "http://www.wooyun.org/bug.php?action=view&id=1006", - "refsource" : "MISC", - "url" : "http://www.wooyun.org/bug.php?action=view&id=1006" - }, - { - "name" : "http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx", - "refsource" : "MISC", - "url" : "http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx" - }, - { - "name" : "VU#725596", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/725596" - }, - { - "name" : "42693", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42693" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The WBEMSingleView.ocx ActiveX control 1.50.1131.0 in Microsoft WMI Administrative Tools 1.1 and earlier allows remote attackers to execute arbitrary code via a crafted argument to the ReleaseContext method, a different vector than CVE-2010-3973, possibly an untrusted pointer dereference." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx", + "refsource": "MISC", + "url": "http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx" + }, + { + "name": "VU#725596", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/725596" + }, + { + "name": "http://www.wooyun.org/bug.php?action=view&id=1006", + "refsource": "MISC", + "url": "http://www.wooyun.org/bug.php?action=view&id=1006" + }, + { + "name": "http://twitter.com/carsteneiram/status/17526155733110784", + "refsource": "MISC", + "url": "http://twitter.com/carsteneiram/status/17526155733110784" + }, + { + "name": "42693", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42693" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1110.json b/2011/1xxx/CVE-2011-1110.json index 64727f3520e..5519f5c2450 100644 --- a/2011/1xxx/CVE-2011-1110.json +++ b/2011/1xxx/CVE-2011-1110.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1110", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Google Chrome before 9.0.597.107 does not properly implement key frame rules, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a \"stale pointer.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-1110", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=68741", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=68741" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html" - }, - { - "name" : "46614", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/46614" - }, - { - "name" : "oval:org.mitre.oval:def:14415", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14415" - }, - { - "name" : "google-chrome-key-frames-dos(65728)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65728" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Google Chrome before 9.0.597.107 does not properly implement key frame rules, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a \"stale pointer.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "google-chrome-key-frames-dos(65728)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65728" + }, + { + "name": "46614", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/46614" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=68741", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=68741" + }, + { + "name": "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html" + }, + { + "name": "oval:org.mitre.oval:def:14415", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14415" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1462.json b/2011/1xxx/CVE-2011-1462.json index 4d73d412335..7e187ae080d 100644 --- a/2011/1xxx/CVE-2011-1462.json +++ b/2011/1xxx/CVE-2011-1462.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1462", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-1462", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT4808", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4808" - }, - { - "name" : "http://support.apple.com/kb/HT4981", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4981" - }, - { - "name" : "http://support.apple.com/kb/HT4999", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4999" - }, - { - "name" : "APPLE-SA-2011-07-20-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html" - }, - { - "name" : "APPLE-SA-2011-10-11-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html" - }, - { - "name" : "APPLE-SA-2011-10-12-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.apple.com/kb/HT4981", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4981" + }, + { + "name": "APPLE-SA-2011-10-12-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html" + }, + { + "name": "APPLE-SA-2011-10-11-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html" + }, + { + "name": "http://support.apple.com/kb/HT4999", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4999" + }, + { + "name": "http://support.apple.com/kb/HT4808", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4808" + }, + { + "name": "APPLE-SA-2011-07-20-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1470.json b/2011/1xxx/CVE-2011-1470.json index 8e99477dc2b..2ffa399a36b 100644 --- a/2011/1xxx/CVE-2011-1470.json +++ b/2011/1xxx/CVE-2011-1470.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1470", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a ziparchive stream that is not properly handled by the stream_get_contents function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-1470", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.php.net/bug.php?id=53579", - "refsource" : "CONFIRM", - "url" : "http://bugs.php.net/bug.php?id=53579" - }, - { - "name" : "http://www.php.net/ChangeLog-5.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/ChangeLog-5.php" - }, - { - "name" : "http://support.apple.com/kb/HT5002", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT5002" - }, - { - "name" : "APPLE-SA-2011-10-12-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html" - }, - { - "name" : "MDVSA-2011:052", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:052" - }, - { - "name" : "MDVSA-2011:053", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:053" - }, - { - "name" : "46969", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/46969" - }, - { - "name" : "ADV-2011-0744", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0744" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a ziparchive stream that is not properly handled by the stream_get_contents function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDVSA-2011:053", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:053" + }, + { + "name": "http://www.php.net/ChangeLog-5.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/ChangeLog-5.php" + }, + { + "name": "APPLE-SA-2011-10-12-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html" + }, + { + "name": "MDVSA-2011:052", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:052" + }, + { + "name": "ADV-2011-0744", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0744" + }, + { + "name": "http://support.apple.com/kb/HT5002", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT5002" + }, + { + "name": "46969", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/46969" + }, + { + "name": "http://bugs.php.net/bug.php?id=53579", + "refsource": "CONFIRM", + "url": "http://bugs.php.net/bug.php?id=53579" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1561.json b/2011/1xxx/CVE-2011-1561.json index bdde09fe2b7..8dce0590d41 100644 --- a/2011/1xxx/CVE-2011-1561.json +++ b/2011/1xxx/CVE-2011-1561.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1561", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The LDAP login feature in bos.rte.security 6.1.6.4 in IBM AIX 6.1, when ldap_auth is enabled in ldap.cfg, allows remote attackers to bypass authentication via a login attempt with an arbitrary password." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-1561", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://aix.software.ibm.com/aix/efixes/security/ldapauth_advisory.asc", - "refsource" : "CONFIRM", - "url" : "http://aix.software.ibm.com/aix/efixes/security/ldapauth_advisory.asc" - }, - { - "name" : "IZ97416", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ97416" - }, - { - "name" : "1025273", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1025273" - }, - { - "name" : "43968", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43968" - }, - { - "name" : "ADV-2011-0836", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0836" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The LDAP login feature in bos.rte.security 6.1.6.4 in IBM AIX 6.1, when ldap_auth is enabled in ldap.cfg, allows remote attackers to bypass authentication via a login attempt with an arbitrary password." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1025273", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1025273" + }, + { + "name": "ADV-2011-0836", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0836" + }, + { + "name": "http://aix.software.ibm.com/aix/efixes/security/ldapauth_advisory.asc", + "refsource": "CONFIRM", + "url": "http://aix.software.ibm.com/aix/efixes/security/ldapauth_advisory.asc" + }, + { + "name": "IZ97416", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ97416" + }, + { + "name": "43968", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43968" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1733.json b/2011/1xxx/CVE-2011-1733.json index 1ab2da81925..e7a6426bb31 100644 --- a/2011/1xxx/CVE-2011-1733.json +++ b/2011/1xxx/CVE-2011-1733.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1733", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed HPFGConfig message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "hp-security-alert@hp.com", + "ID": "CVE-2011-1733", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20110429 ZDI-11-149: HP Data Protector Backup Client Service HPFGConfig Remote Code Execution Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/517769/100/0/threaded" - }, - { - "name" : "http://zerodayinitiative.com/advisories/ZDI-11-149/", - "refsource" : "MISC", - "url" : "http://zerodayinitiative.com/advisories/ZDI-11-149/" - }, - { - "name" : "HPSBMA02668", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02810240" - }, - { - "name" : "SSRT100474", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02810240" - }, - { - "name" : "47638", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/47638" - }, - { - "name" : "72192", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/72192" - }, - { - "name" : "1025454", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1025454" - }, - { - "name" : "44402", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/44402" - }, - { - "name" : "openview-storage-code-execution(67206)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/67206" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed HPFGConfig message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openview-storage-code-execution(67206)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67206" + }, + { + "name": "72192", + "refsource": "OSVDB", + "url": "http://osvdb.org/72192" + }, + { + "name": "47638", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/47638" + }, + { + "name": "HPSBMA02668", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02810240" + }, + { + "name": "SSRT100474", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02810240" + }, + { + "name": "20110429 ZDI-11-149: HP Data Protector Backup Client Service HPFGConfig Remote Code Execution Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/517769/100/0/threaded" + }, + { + "name": "44402", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/44402" + }, + { + "name": "1025454", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1025454" + }, + { + "name": "http://zerodayinitiative.com/advisories/ZDI-11-149/", + "refsource": "MISC", + "url": "http://zerodayinitiative.com/advisories/ZDI-11-149/" + } + ] + } +} \ No newline at end of file diff --git a/2014/3xxx/CVE-2014-3164.json b/2014/3xxx/CVE-2014-3164.json index 7c61ec165c6..af36b107451 100644 --- a/2014/3xxx/CVE-2014-3164.json +++ b/2014/3xxx/CVE-2014-3164.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-3164", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "cmds/servicemanager/service_manager.c in Android before commit 7d42a3c31ba78a418f9bdde0e0ab951469f321b5 allows attackers to cause a denial of service (NULL pointer dereference, or out-of-bounds write) via vectors related to binder passed lengths." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2014-3164", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://android-review.googlesource.com/#/c/platform/frameworks/native/+/101104/", - "refsource" : "CONFIRM", - "url" : "https://android-review.googlesource.com/#/c/platform/frameworks/native/+/101104/" - }, - { - "name" : "https://android-review.googlesource.com/#/c/platform/frameworks/native/+/101104/1/cmds/servicemanager/service_manager.c", - "refsource" : "CONFIRM", - "url" : "https://android-review.googlesource.com/#/c/platform/frameworks/native/+/101104/1/cmds/servicemanager/service_manager.c" - }, - { - "name" : "https://plzdonthack.me/", - "refsource" : "CONFIRM", - "url" : "https://plzdonthack.me/" - }, - { - "name" : "https://sourceforge.net/p/android-x86/frameworks_native/ci/652c485467598240ecbb3a60516ad1140eddfab1/", - "refsource" : "CONFIRM", - "url" : "https://sourceforge.net/p/android-x86/frameworks_native/ci/652c485467598240ecbb3a60516ad1140eddfab1/" - }, - { - "name" : "101506", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101506" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cmds/servicemanager/service_manager.c in Android before commit 7d42a3c31ba78a418f9bdde0e0ab951469f321b5 allows attackers to cause a denial of service (NULL pointer dereference, or out-of-bounds write) via vectors related to binder passed lengths." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "101506", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101506" + }, + { + "name": "https://plzdonthack.me/", + "refsource": "CONFIRM", + "url": "https://plzdonthack.me/" + }, + { + "name": "https://android-review.googlesource.com/#/c/platform/frameworks/native/+/101104/1/cmds/servicemanager/service_manager.c", + "refsource": "CONFIRM", + "url": "https://android-review.googlesource.com/#/c/platform/frameworks/native/+/101104/1/cmds/servicemanager/service_manager.c" + }, + { + "name": "https://android-review.googlesource.com/#/c/platform/frameworks/native/+/101104/", + "refsource": "CONFIRM", + "url": "https://android-review.googlesource.com/#/c/platform/frameworks/native/+/101104/" + }, + { + "name": "https://sourceforge.net/p/android-x86/frameworks_native/ci/652c485467598240ecbb3a60516ad1140eddfab1/", + "refsource": "CONFIRM", + "url": "https://sourceforge.net/p/android-x86/frameworks_native/ci/652c485467598240ecbb3a60516ad1140eddfab1/" + } + ] + } +} \ No newline at end of file diff --git a/2014/3xxx/CVE-2014-3381.json b/2014/3xxx/CVE-2014-3381.json index d572e261fd8..13a7dc77688 100644 --- a/2014/3xxx/CVE-2014-3381.json +++ b/2014/3xxx/CVE-2014-3381.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-3381", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ZIP inspection engine in Cisco AsyncOS 8.5 and earlier on the Cisco Email Security Appliance (ESA) does not properly analyze ZIP archives, which allows remote attackers to bypass malware filtering via a crafted archive, aka Bug ID CSCup07934." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2014-3381", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=36062", - "refsource" : "CONFIRM", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=36062" - }, - { - "name" : "20141013 Cisco AsyncOS Software ZIP Filtering Bypass Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3381" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ZIP inspection engine in Cisco AsyncOS 8.5 and earlier on the Cisco Email Security Appliance (ESA) does not properly analyze ZIP archives, which allows remote attackers to bypass malware filtering via a crafted archive, aka Bug ID CSCup07934." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20141013 Cisco AsyncOS Software ZIP Filtering Bypass Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3381" + }, + { + "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36062", + "refsource": "CONFIRM", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36062" + } + ] + } +} \ No newline at end of file diff --git a/2014/3xxx/CVE-2014-3469.json b/2014/3xxx/CVE-2014-3469.json index ddf0bbe258b..5fa1cf4e7bc 100644 --- a/2014/3xxx/CVE-2014-3469.json +++ b/2014/3xxx/CVE-2014-3469.json @@ -1,172 +1,172 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-3469", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-3469", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[help-libtasn1] 20140525 GNU Libtasn1 3.6 released", - "refsource" : "MLIST", - "url" : "http://lists.gnu.org/archive/html/help-libtasn1/2014-05/msg00006.html" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1102329", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1102329" - }, - { - "name" : "http://linux.oracle.com/errata/ELSA-2014-0594.html", - "refsource" : "CONFIRM", - "url" : "http://linux.oracle.com/errata/ELSA-2014-0594.html" - }, - { - "name" : "http://linux.oracle.com/errata/ELSA-2014-0596.html", - "refsource" : "CONFIRM", - "url" : "http://linux.oracle.com/errata/ELSA-2014-0596.html" - }, - { - "name" : "http://advisories.mageia.org/MGASA-2014-0247.html", - "refsource" : "CONFIRM", - "url" : "http://advisories.mageia.org/MGASA-2014-0247.html" - }, - { - "name" : "http://www.novell.com/support/kb/doc.php?id=7015302", - "refsource" : "CONFIRM", - "url" : "http://www.novell.com/support/kb/doc.php?id=7015302" - }, - { - "name" : "http://www.novell.com/support/kb/doc.php?id=7015303", - "refsource" : "CONFIRM", - "url" : "http://www.novell.com/support/kb/doc.php?id=7015303" - }, - { - "name" : "DSA-3056", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-3056" - }, - { - "name" : "MDVSA-2015:116", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:116" - }, - { - "name" : "RHSA-2014:0594", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0594.html" - }, - { - "name" : "RHSA-2014:0596", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0596.html" - }, - { - "name" : "RHSA-2014:0815", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0815.html" - }, - { - "name" : "RHSA-2014:0687", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0687.html" - }, - { - "name" : "SUSE-SU-2014:0758", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00002.html" - }, - { - "name" : "SUSE-SU-2014:0788", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00015.html" - }, - { - "name" : "58614", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/58614" - }, - { - "name" : "59057", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59057" - }, - { - "name" : "58591", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/58591" - }, - { - "name" : "59021", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59021" - }, - { - "name" : "60415", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60415" - }, - { - "name" : "61888", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61888" - }, - { - "name" : "60320", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60320" - }, - { - "name" : "59408", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59408" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "60320", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60320" + }, + { + "name": "DSA-3056", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-3056" + }, + { + "name": "http://www.novell.com/support/kb/doc.php?id=7015302", + "refsource": "CONFIRM", + "url": "http://www.novell.com/support/kb/doc.php?id=7015302" + }, + { + "name": "59057", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59057" + }, + { + "name": "SUSE-SU-2014:0758", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00002.html" + }, + { + "name": "http://linux.oracle.com/errata/ELSA-2014-0596.html", + "refsource": "CONFIRM", + "url": "http://linux.oracle.com/errata/ELSA-2014-0596.html" + }, + { + "name": "MDVSA-2015:116", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:116" + }, + { + "name": "59021", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59021" + }, + { + "name": "61888", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61888" + }, + { + "name": "http://advisories.mageia.org/MGASA-2014-0247.html", + "refsource": "CONFIRM", + "url": "http://advisories.mageia.org/MGASA-2014-0247.html" + }, + { + "name": "RHSA-2014:0815", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0815.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1102329", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1102329" + }, + { + "name": "RHSA-2014:0596", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0596.html" + }, + { + "name": "[help-libtasn1] 20140525 GNU Libtasn1 3.6 released", + "refsource": "MLIST", + "url": "http://lists.gnu.org/archive/html/help-libtasn1/2014-05/msg00006.html" + }, + { + "name": "http://www.novell.com/support/kb/doc.php?id=7015303", + "refsource": "CONFIRM", + "url": "http://www.novell.com/support/kb/doc.php?id=7015303" + }, + { + "name": "http://linux.oracle.com/errata/ELSA-2014-0594.html", + "refsource": "CONFIRM", + "url": "http://linux.oracle.com/errata/ELSA-2014-0594.html" + }, + { + "name": "58591", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/58591" + }, + { + "name": "RHSA-2014:0687", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0687.html" + }, + { + "name": "58614", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/58614" + }, + { + "name": "SUSE-SU-2014:0788", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00015.html" + }, + { + "name": "RHSA-2014:0594", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0594.html" + }, + { + "name": "60415", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60415" + }, + { + "name": "59408", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59408" + } + ] + } +} \ No newline at end of file diff --git a/2014/3xxx/CVE-2014-3792.json b/2014/3xxx/CVE-2014-3792.json index aa99e71f335..943e14baac2 100644 --- a/2014/3xxx/CVE-2014-3792.json +++ b/2014/3xxx/CVE-2014-3792.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-3792", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in Beetel 450TC2 Router with firmware TX6-0Q-005_retail allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via the uiViewTools_Password and uiViewTools_PasswordConfirm parameters to Forms/tools_admin_1." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-3792", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "33129", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/33129" - }, - { - "name" : "http://packetstormsecurity.com/files/126426/Beetel-450TC2-Cross-Site-Request-Forgery.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/126426/Beetel-450TC2-Cross-Site-Request-Forgery.html" - }, - { - "name" : "106468", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/show/osvdb/106468" - }, - { - "name" : "58365", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/58365" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in Beetel 450TC2 Router with firmware TX6-0Q-005_retail allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via the uiViewTools_Password and uiViewTools_PasswordConfirm parameters to Forms/tools_admin_1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "106468", + "refsource": "OSVDB", + "url": "http://osvdb.org/show/osvdb/106468" + }, + { + "name": "58365", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/58365" + }, + { + "name": "http://packetstormsecurity.com/files/126426/Beetel-450TC2-Cross-Site-Request-Forgery.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/126426/Beetel-450TC2-Cross-Site-Request-Forgery.html" + }, + { + "name": "33129", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/33129" + } + ] + } +} \ No newline at end of file diff --git a/2014/3xxx/CVE-2014-3868.json b/2014/3xxx/CVE-2014-3868.json index 8604e9f5c88..8ead380cb30 100644 --- a/2014/3xxx/CVE-2014-3868.json +++ b/2014/3xxx/CVE-2014-3868.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-3868", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-3868", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/7xxx/CVE-2014-7051.json b/2014/7xxx/CVE-2014-7051.json index 17ae0d1657d..f1802725138 100644 --- a/2014/7xxx/CVE-2014-7051.json +++ b/2014/7xxx/CVE-2014-7051.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-7051", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2014-7051", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2014/7xxx/CVE-2014-7137.json b/2014/7xxx/CVE-2014-7137.json index f5ccb0080d8..76abb2443f6 100644 --- a/2014/7xxx/CVE-2014-7137.json +++ b/2014/7xxx/CVE-2014-7137.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-7137", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in Dolibarr ERP/CRM before 3.6.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) contactid parameter in an addcontact action, (2) ligne parameter in a swapstatut action, or (3) project_ref parameter to projet/tasks/contact.php; (4) lineid parameter in a deletecontact action, (5) ligne parameter in a swapstatut action, or (6) ref parameter to projet/contact.php; (7) id parameter to compta/bank/fiche.php, (8) contact/info.php, (9) holiday/index.php, (10) product/stock/fiche.php, (11) product/stock/info.php, or (12) in an edit action to product/stock/fiche.php; (13) productid parameter in an addline action to product/stock/massstockmove.php; (14) project_ref parameter to projet/tasks/note.php; (15) ref parameter to element.php, (16) ganttview.php, (17) note.php, or (18) tasks.php in projet/; (19) sall or (20) sref parameter to comm/mailing/liste.php; (21) search_bon, (22) search_ligne, (23) search_societe, or (24) search_code parameter to compta/prelevement/liste.php; (25) search_label parameter to compta/sociales/index.php; (26) search_project parameter to projet/tasks/index.php; (27) search_societe parameter to compta/prelevement/demandes.php; (28) search_statut parameter to user/index.php; (29) socid parameter to compta/recap-compta.php, (30) societe/commerciaux.php, or (31) societe/rib.php; (32) sortorder, (33) sref, (34) sall, or (35) sortfield parameter to product/stock/liste.php; (36) statut parameter to adherents/liste.php or (37) compta/dons/liste.php; (38) tobuy or (39) tosell parameter to product/liste.php; (40) tobuy, (41) tosell, (42) search_categ, or (43) sref parameter to product/reassort.php; (44) type parameter to product/index.php; or the (a) sortorder or (b) sortfield parameter to (45) compta/paiement/cheque/liste.php, (46) compta/prelevement/bons.php, (47) compta/prelevement/rejets.php, (48) product/stats/commande.php, (49) product/stats/commande_fournisseur.php, (50) product/stats/contrat.php, (51) product/stats/facture.php, (52) product/stats/facture_fournisseur.php, (53) product/stats/propal.php, or (54) product/stock/replenishorders.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-7137", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20141119 CVE-2014-7137 - Multiple SQL Injections in Dolibarr ERP & CRM", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/534020/100/0/threaded" - }, - { - "name" : "20141119 CVE-2014-7137 - Multiple SQL Injections in Dolibarr ERP & CRM", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Nov/56" - }, - { - "name" : "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7137/", - "refsource" : "MISC", - "url" : "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7137/" - }, - { - "name" : "http://packetstormsecurity.com/files/129175/Dolibarr-ERP-And-CRM-3.5.3-SQL-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/129175/Dolibarr-ERP-And-CRM-3.5.3-SQL-Injection.html" - }, - { - "name" : "71189", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/71189" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in Dolibarr ERP/CRM before 3.6.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) contactid parameter in an addcontact action, (2) ligne parameter in a swapstatut action, or (3) project_ref parameter to projet/tasks/contact.php; (4) lineid parameter in a deletecontact action, (5) ligne parameter in a swapstatut action, or (6) ref parameter to projet/contact.php; (7) id parameter to compta/bank/fiche.php, (8) contact/info.php, (9) holiday/index.php, (10) product/stock/fiche.php, (11) product/stock/info.php, or (12) in an edit action to product/stock/fiche.php; (13) productid parameter in an addline action to product/stock/massstockmove.php; (14) project_ref parameter to projet/tasks/note.php; (15) ref parameter to element.php, (16) ganttview.php, (17) note.php, or (18) tasks.php in projet/; (19) sall or (20) sref parameter to comm/mailing/liste.php; (21) search_bon, (22) search_ligne, (23) search_societe, or (24) search_code parameter to compta/prelevement/liste.php; (25) search_label parameter to compta/sociales/index.php; (26) search_project parameter to projet/tasks/index.php; (27) search_societe parameter to compta/prelevement/demandes.php; (28) search_statut parameter to user/index.php; (29) socid parameter to compta/recap-compta.php, (30) societe/commerciaux.php, or (31) societe/rib.php; (32) sortorder, (33) sref, (34) sall, or (35) sortfield parameter to product/stock/liste.php; (36) statut parameter to adherents/liste.php or (37) compta/dons/liste.php; (38) tobuy or (39) tosell parameter to product/liste.php; (40) tobuy, (41) tosell, (42) search_categ, or (43) sref parameter to product/reassort.php; (44) type parameter to product/index.php; or the (a) sortorder or (b) sortfield parameter to (45) compta/paiement/cheque/liste.php, (46) compta/prelevement/bons.php, (47) compta/prelevement/rejets.php, (48) product/stats/commande.php, (49) product/stats/commande_fournisseur.php, (50) product/stats/contrat.php, (51) product/stats/facture.php, (52) product/stats/facture_fournisseur.php, (53) product/stats/propal.php, or (54) product/stock/replenishorders.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "71189", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/71189" + }, + { + "name": "http://packetstormsecurity.com/files/129175/Dolibarr-ERP-And-CRM-3.5.3-SQL-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/129175/Dolibarr-ERP-And-CRM-3.5.3-SQL-Injection.html" + }, + { + "name": "20141119 CVE-2014-7137 - Multiple SQL Injections in Dolibarr ERP & CRM", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Nov/56" + }, + { + "name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7137/", + "refsource": "MISC", + "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7137/" + }, + { + "name": "20141119 CVE-2014-7137 - Multiple SQL Injections in Dolibarr ERP & CRM", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/534020/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2014/7xxx/CVE-2014-7774.json b/2014/7xxx/CVE-2014-7774.json index e40e973fc1a..2daa75f4008 100644 --- a/2014/7xxx/CVE-2014-7774.json +++ b/2014/7xxx/CVE-2014-7774.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-7774", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Herbs & Flowers Dictionary (aka com.wHerbsNFlowersDictionary) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-7774", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#807337", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/807337" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Herbs & Flowers Dictionary (aka com.wHerbsNFlowersDictionary) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#807337", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/807337" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/7xxx/CVE-2014-7815.json b/2014/7xxx/CVE-2014-7815.json index 707e0be96f3..d32d9af2482 100644 --- a/2014/7xxx/CVE-2014-7815.json +++ b/2014/7xxx/CVE-2014-7815.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-7815", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-7815", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://git.qemu.org/?p=qemu.git;a=commit;h=e6908bfe8e07f2b452e78e677da1b45b1c0f6829", - "refsource" : "CONFIRM", - "url" : "http://git.qemu.org/?p=qemu.git;a=commit;h=e6908bfe8e07f2b452e78e677da1b45b1c0f6829" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1157641", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1157641" - }, - { - "name" : "http://support.citrix.com/article/CTX200892", - "refsource" : "CONFIRM", - "url" : "http://support.citrix.com/article/CTX200892" - }, - { - "name" : "DSA-3066", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-3066" - }, - { - "name" : "DSA-3067", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-3067" - }, - { - "name" : "RHSA-2015:0349", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0349.html" - }, - { - "name" : "RHSA-2015:0624", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0624.html" - }, - { - "name" : "SUSE-SU-2015:1782", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00019.html" - }, - { - "name" : "USN-2409-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2409-1" - }, - { - "name" : "61484", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61484" - }, - { - "name" : "62143", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62143" - }, - { - "name" : "62144", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62144" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "61484", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61484" + }, + { + "name": "RHSA-2015:0624", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0624.html" + }, + { + "name": "62144", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62144" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1157641", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1157641" + }, + { + "name": "SUSE-SU-2015:1782", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00019.html" + }, + { + "name": "62143", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62143" + }, + { + "name": "RHSA-2015:0349", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0349.html" + }, + { + "name": "DSA-3067", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-3067" + }, + { + "name": "http://git.qemu.org/?p=qemu.git;a=commit;h=e6908bfe8e07f2b452e78e677da1b45b1c0f6829", + "refsource": "CONFIRM", + "url": "http://git.qemu.org/?p=qemu.git;a=commit;h=e6908bfe8e07f2b452e78e677da1b45b1c0f6829" + }, + { + "name": "http://support.citrix.com/article/CTX200892", + "refsource": "CONFIRM", + "url": "http://support.citrix.com/article/CTX200892" + }, + { + "name": "USN-2409-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2409-1" + }, + { + "name": "DSA-3066", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-3066" + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8095.json b/2014/8xxx/CVE-2014-8095.json index 638aa6d0c4f..a7bb3ef7623 100644 --- a/2014/8xxx/CVE-2014-8095.json +++ b/2014/8xxx/CVE-2014-8095.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8095", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The XInput extension in X.Org X Window System (aka X11 or X) X11R4 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcXChangeDeviceControl, (2) ProcXChangeDeviceControl, (3) ProcXChangeFeedbackControl, (4) ProcXSendExtensionEvent, (5) SProcXIAllowEvents, (6) SProcXIChangeCursor, (7) ProcXIChangeHierarchy, (8) SProcXIGetClientPointer, (9) SProcXIGrabDevice, (10) SProcXIUngrabDevice, (11) ProcXIUngrabDevice, (12) SProcXIPassiveGrabDevice, (13) ProcXIPassiveGrabDevice, (14) SProcXIPassiveUngrabDevice, (15) ProcXIPassiveUngrabDevice, (16) SProcXListDeviceProperties, (17) SProcXDeleteDeviceProperty, (18) SProcXIListProperties, (19) SProcXIDeleteProperty, (20) SProcXIGetProperty, (21) SProcXIQueryDevice, (22) SProcXIQueryPointer, (23) SProcXISelectEvents, (24) SProcXISetClientPointer, (25) SProcXISetFocus, (26) SProcXIGetFocus, or (27) SProcXIWarpPointer function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-8095", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/", - "refsource" : "CONFIRM", - "url" : "http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/" - }, - { - "name" : "http://advisories.mageia.org/MGASA-2014-0532.html", - "refsource" : "CONFIRM", - "url" : "http://advisories.mageia.org/MGASA-2014-0532.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" - }, - { - "name" : "DSA-3095", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-3095" - }, - { - "name" : "GLSA-201504-06", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201504-06" - }, - { - "name" : "MDVSA-2015:119", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:119" - }, - { - "name" : "71599", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/71599" - }, - { - "name" : "62292", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62292" - }, - { - "name" : "61947", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61947" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The XInput extension in X.Org X Window System (aka X11 or X) X11R4 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcXChangeDeviceControl, (2) ProcXChangeDeviceControl, (3) ProcXChangeFeedbackControl, (4) ProcXSendExtensionEvent, (5) SProcXIAllowEvents, (6) SProcXIChangeCursor, (7) ProcXIChangeHierarchy, (8) SProcXIGetClientPointer, (9) SProcXIGrabDevice, (10) SProcXIUngrabDevice, (11) ProcXIUngrabDevice, (12) SProcXIPassiveGrabDevice, (13) ProcXIPassiveGrabDevice, (14) SProcXIPassiveUngrabDevice, (15) ProcXIPassiveUngrabDevice, (16) SProcXListDeviceProperties, (17) SProcXDeleteDeviceProperty, (18) SProcXIListProperties, (19) SProcXIDeleteProperty, (20) SProcXIGetProperty, (21) SProcXIQueryDevice, (22) SProcXIQueryPointer, (23) SProcXISelectEvents, (24) SProcXISetClientPointer, (25) SProcXISetFocus, (26) SProcXIGetFocus, or (27) SProcXIWarpPointer function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3095", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-3095" + }, + { + "name": "http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/", + "refsource": "CONFIRM", + "url": "http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" + }, + { + "name": "http://advisories.mageia.org/MGASA-2014-0532.html", + "refsource": "CONFIRM", + "url": "http://advisories.mageia.org/MGASA-2014-0532.html" + }, + { + "name": "GLSA-201504-06", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201504-06" + }, + { + "name": "71599", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/71599" + }, + { + "name": "62292", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62292" + }, + { + "name": "MDVSA-2015:119", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:119" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" + }, + { + "name": "61947", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61947" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8176.json b/2014/8xxx/CVE-2014-8176.json index 9258093394f..99e9934cb4c 100644 --- a/2014/8xxx/CVE-2014-8176.json +++ b/2014/8xxx/CVE-2014-8176.json @@ -1,157 +1,157 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8176", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive between a ChangeCipherSpec message and a Finished message, which allows remote DTLS peers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unexpected application data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-8176", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/openssl/openssl/commit/470990fee0182566d439ef7e82d1abf18b7085d7", - "refsource" : "CONFIRM", - "url" : "https://github.com/openssl/openssl/commit/470990fee0182566d439ef7e82d1abf18b7085d7" - }, - { - "name" : "https://rt.openssl.org/Ticket/Display.html?id=3286&user=guest&pass=guest", - "refsource" : "CONFIRM", - "url" : "https://rt.openssl.org/Ticket/Display.html?id=3286&user=guest&pass=guest" - }, - { - "name" : "https://www.openssl.org/news/secadv_20150611.txt", - "refsource" : "CONFIRM", - "url" : "https://www.openssl.org/news/secadv_20150611.txt" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351" - }, - { - "name" : "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015", - "refsource" : "CONFIRM", - "url" : "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015" - }, - { - "name" : "https://openssl.org/news/secadv/20150611.txt", - "refsource" : "CONFIRM", - "url" : "https://openssl.org/news/secadv/20150611.txt" - }, - { - "name" : "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015", - "refsource" : "CONFIRM", - "url" : "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015" - }, - { - "name" : "https://bto.bluecoat.com/security-advisory/sa98", - "refsource" : "CONFIRM", - "url" : "https://bto.bluecoat.com/security-advisory/sa98" - }, - { - "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10122", - "refsource" : "CONFIRM", - "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10122" - }, - { - "name" : "20150612 Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl" - }, - { - "name" : "DSA-3287", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3287" - }, - { - "name" : "GLSA-201506-02", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201506-02" - }, - { - "name" : "NetBSD-SA2015-008", - "refsource" : "NETBSD", - "url" : "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc" - }, - { - "name" : "RHSA-2015:1115", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1115.html" - }, - { - "name" : "RHSA-2016:2957", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2957.html" - }, - { - "name" : "openSUSE-SU-2015:1277", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html" - }, - { - "name" : "SUSE-SU-2015:1185", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html" - }, - { - "name" : "USN-2639-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2639-1" - }, - { - "name" : "75159", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75159" - }, - { - "name" : "1032564", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032564" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive between a ChangeCipherSpec message and a Finished message, which allows remote DTLS peers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unexpected application data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3287", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3287" + }, + { + "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10122", + "refsource": "CONFIRM", + "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10122" + }, + { + "name": "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015", + "refsource": "CONFIRM", + "url": "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015" + }, + { + "name": "https://openssl.org/news/secadv/20150611.txt", + "refsource": "CONFIRM", + "url": "https://openssl.org/news/secadv/20150611.txt" + }, + { + "name": "RHSA-2015:1115", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1115.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351" + }, + { + "name": "1032564", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032564" + }, + { + "name": "20150612 Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl" + }, + { + "name": "openSUSE-SU-2015:1277", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html" + }, + { + "name": "75159", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75159" + }, + { + "name": "USN-2639-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2639-1" + }, + { + "name": "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015", + "refsource": "CONFIRM", + "url": "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015" + }, + { + "name": "https://github.com/openssl/openssl/commit/470990fee0182566d439ef7e82d1abf18b7085d7", + "refsource": "CONFIRM", + "url": "https://github.com/openssl/openssl/commit/470990fee0182566d439ef7e82d1abf18b7085d7" + }, + { + "name": "GLSA-201506-02", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201506-02" + }, + { + "name": "https://rt.openssl.org/Ticket/Display.html?id=3286&user=guest&pass=guest", + "refsource": "CONFIRM", + "url": "https://rt.openssl.org/Ticket/Display.html?id=3286&user=guest&pass=guest" + }, + { + "name": "RHSA-2016:2957", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" + }, + { + "name": "SUSE-SU-2015:1185", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html" + }, + { + "name": "https://bto.bluecoat.com/security-advisory/sa98", + "refsource": "CONFIRM", + "url": "https://bto.bluecoat.com/security-advisory/sa98" + }, + { + "name": "NetBSD-SA2015-008", + "refsource": "NETBSD", + "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc" + }, + { + "name": "https://www.openssl.org/news/secadv_20150611.txt", + "refsource": "CONFIRM", + "url": "https://www.openssl.org/news/secadv_20150611.txt" + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8640.json b/2014/8xxx/CVE-2014-8640.json index 22848595996..c963ed1312e 100644 --- a/2014/8xxx/CVE-2014-8640.json +++ b/2014/8xxx/CVE-2014-8640.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8640", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly restrict timeline operations, which allows remote attackers to cause a denial of service (uninitialized-memory read and application crash) via crafted API calls." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2014-8640", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2014/mfsa2015-05.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2014/mfsa2015-05.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1100409", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1100409" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "GLSA-201504-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201504-01" - }, - { - "name" : "openSUSE-SU-2015:0077", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00014.html" - }, - { - "name" : "openSUSE-SU-2015:0192", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00002.html" - }, - { - "name" : "SUSE-SU-2015:0171", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00032.html" - }, - { - "name" : "SUSE-SU-2015:0173", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00033.html" - }, - { - "name" : "SUSE-SU-2015:0180", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00036.html" - }, - { - "name" : "72045", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72045" - }, - { - "name" : "1031533", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031533" - }, - { - "name" : "62242", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62242" - }, - { - "name" : "62250", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62250" - }, - { - "name" : "62790", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62790" - }, - { - "name" : "62418", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62418" - }, - { - "name" : "firefox-cve20148640-info-disc(99960)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/99960" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly restrict timeline operations, which allows remote attackers to cause a denial of service (uninitialized-memory read and application crash) via crafted API calls." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "62242", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62242" + }, + { + "name": "1031533", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031533" + }, + { + "name": "openSUSE-SU-2015:0192", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00002.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2014/mfsa2015-05.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2014/mfsa2015-05.html" + }, + { + "name": "72045", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72045" + }, + { + "name": "62250", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62250" + }, + { + "name": "SUSE-SU-2015:0173", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00033.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1100409", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1100409" + }, + { + "name": "openSUSE-SU-2015:0077", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00014.html" + }, + { + "name": "62418", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62418" + }, + { + "name": "SUSE-SU-2015:0171", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00032.html" + }, + { + "name": "GLSA-201504-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201504-01" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "62790", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62790" + }, + { + "name": "firefox-cve20148640-info-disc(99960)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99960" + }, + { + "name": "SUSE-SU-2015:0180", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00036.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8881.json b/2014/8xxx/CVE-2014-8881.json index d3960de897b..f887615fa08 100644 --- a/2014/8xxx/CVE-2014-8881.json +++ b/2014/8xxx/CVE-2014-8881.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8881", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-8881", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8941.json b/2014/8xxx/CVE-2014-8941.json index 24fe0ac0afa..9fceda5fc2a 100644 --- a/2014/8xxx/CVE-2014-8941.json +++ b/2014/8xxx/CVE-2014-8941.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8941", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-8941", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8997.json b/2014/8xxx/CVE-2014-8997.json index b23ea9698f3..c94832fe946 100644 --- a/2014/8xxx/CVE-2014-8997.json +++ b/2014/8xxx/CVE-2014-8997.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8997", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unrestricted file upload vulnerability in the Photo functionality in DigitalVidhya Digi Online Examination System 2.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in assets/uploads/images/." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-8997", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "35223", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/35223" - }, - { - "name" : "http://packetstormsecurity.com/files/129108/Digi-Online-Examination-System-2.0-Shell-Upload.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/129108/Digi-Online-Examination-System-2.0-Shell-Upload.html" - }, - { - "name" : "digionlineexami-photo-file-upload(98662)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/98662" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unrestricted file upload vulnerability in the Photo functionality in DigitalVidhya Digi Online Examination System 2.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in assets/uploads/images/." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "35223", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/35223" + }, + { + "name": "http://packetstormsecurity.com/files/129108/Digi-Online-Examination-System-2.0-Shell-Upload.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/129108/Digi-Online-Examination-System-2.0-Shell-Upload.html" + }, + { + "name": "digionlineexami-photo-file-upload(98662)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98662" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9211.json b/2014/9xxx/CVE-2014-9211.json index 7194f9b51fe..c7faffe8be1 100644 --- a/2014/9xxx/CVE-2014-9211.json +++ b/2014/9xxx/CVE-2014-9211.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9211", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9211", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9561.json b/2014/9xxx/CVE-2014-9561.json index 81443c6fe41..f4bba1ea5a5 100644 --- a/2014/9xxx/CVE-2014-9561.json +++ b/2014/9xxx/CVE-2014-9561.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9561", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in redir_last_post_list.php in SoftBB 0.1.3 allows remote attackers to inject arbitrary web script or HTML via the post parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9561", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150110 CVE-2014-9561 Softbb.net SoftBB XSS (Cross-Site Scripting) Security Vulnerability", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Jan/21" - }, - { - "name" : "http://packetstormsecurity.com/files/129889/SoftBB-0.1.3-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/129889/SoftBB-0.1.3-Cross-Site-Scripting.html" - }, - { - "name" : "http://tetraph.com/security/cves/cve-2014-9561-softbb-net-softbb-xss-cross-site-scripting-security-vulnerability/", - "refsource" : "MISC", - "url" : "http://tetraph.com/security/cves/cve-2014-9561-softbb-net-softbb-xss-cross-site-scripting-security-vulnerability/" - }, - { - "name" : "71987", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/71987" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in redir_last_post_list.php in SoftBB 0.1.3 allows remote attackers to inject arbitrary web script or HTML via the post parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "71987", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/71987" + }, + { + "name": "20150110 CVE-2014-9561 Softbb.net SoftBB XSS (Cross-Site Scripting) Security Vulnerability", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Jan/21" + }, + { + "name": "http://packetstormsecurity.com/files/129889/SoftBB-0.1.3-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/129889/SoftBB-0.1.3-Cross-Site-Scripting.html" + }, + { + "name": "http://tetraph.com/security/cves/cve-2014-9561-softbb-net-softbb-xss-cross-site-scripting-security-vulnerability/", + "refsource": "MISC", + "url": "http://tetraph.com/security/cves/cve-2014-9561-softbb-net-softbb-xss-cross-site-scripting-security-vulnerability/" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9973.json b/2014/9xxx/CVE-2014-9973.json index ffb79fa8694..aeb8b0f8fc3 100644 --- a/2014/9xxx/CVE-2014-9973.json +++ b/2014/9xxx/CVE-2014-9973.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2017-07-01T00:00:00", - "ID" : "CVE-2014-9973", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "All Qualcomm products", - "version" : { - "version_data" : [ - { - "version_value" : "All Android releases from CAF using the Linux kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of a buffer length was missing in a PlayReady DRM routine." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Improper Input Validation in TrustZone" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2017-07-01T00:00:00", + "ID": "CVE-2014-9973", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "All Qualcomm products", + "version": { + "version_data": [ + { + "version_value": "All Android releases from CAF using the Linux kernel" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-07-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-07-01" - }, - { - "name" : "99467", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/99467" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of a buffer length was missing in a PlayReady DRM routine." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Input Validation in TrustZone" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-07-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-07-01" + }, + { + "name": "99467", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/99467" + } + ] + } +} \ No newline at end of file diff --git a/2016/2xxx/CVE-2016-2044.json b/2016/2xxx/CVE-2016-2044.json index e48d7fc54be..0e8620b0945 100644 --- a/2016/2xxx/CVE-2016-2044.json +++ b/2016/2xxx/CVE-2016-2044.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-2044", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libraries/sql-parser/autoload.php in the SQL parser in phpMyAdmin 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-2044", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.phpmyadmin.net/home_page/security/PMASA-2016-8.php", - "refsource" : "CONFIRM", - "url" : "http://www.phpmyadmin.net/home_page/security/PMASA-2016-8.php" - }, - { - "name" : "https://github.com/phpmyadmin/phpmyadmin/commit/c57d3cc7b97b5f32801032f7bb222297aa97dfea", - "refsource" : "CONFIRM", - "url" : "https://github.com/phpmyadmin/phpmyadmin/commit/c57d3cc7b97b5f32801032f7bb222297aa97dfea" - }, - { - "name" : "FEDORA-2016-e1fe01e96e", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html" - }, - { - "name" : "FEDORA-2016-e55278763e", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libraries/sql-parser/autoload.php in the SQL parser in phpMyAdmin 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.phpmyadmin.net/home_page/security/PMASA-2016-8.php", + "refsource": "CONFIRM", + "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2016-8.php" + }, + { + "name": "FEDORA-2016-e55278763e", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html" + }, + { + "name": "https://github.com/phpmyadmin/phpmyadmin/commit/c57d3cc7b97b5f32801032f7bb222297aa97dfea", + "refsource": "CONFIRM", + "url": "https://github.com/phpmyadmin/phpmyadmin/commit/c57d3cc7b97b5f32801032f7bb222297aa97dfea" + }, + { + "name": "FEDORA-2016-e1fe01e96e", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/2xxx/CVE-2016-2401.json b/2016/2xxx/CVE-2016-2401.json index e1a85b56923..ec05e02779d 100644 --- a/2016/2xxx/CVE-2016-2401.json +++ b/2016/2xxx/CVE-2016-2401.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-2401", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-2401", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/2xxx/CVE-2016-2675.json b/2016/2xxx/CVE-2016-2675.json index 2da09e20a11..d46db703670 100644 --- a/2016/2xxx/CVE-2016-2675.json +++ b/2016/2xxx/CVE-2016-2675.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-2675", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-2675", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/2xxx/CVE-2016-2804.json b/2016/2xxx/CVE-2016-2804.json index 8f03c2cc86a..fc56a747693 100644 --- a/2016/2xxx/CVE-2016-2804.json +++ b/2016/2xxx/CVE-2016-2804.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-2804", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2016-2804", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-39.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-39.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1141382", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1141382" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1155328", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1155328" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1229855", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1229855" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1240880", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1240880" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1249183", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1249183" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1255298", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1255298" - }, - { - "name" : "GLSA-201701-15", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-15" - }, - { - "name" : "openSUSE-SU-2016:1211", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html" - }, - { - "name" : "openSUSE-SU-2016:1251", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html" - }, - { - "name" : "USN-2936-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2936-1" - }, - { - "name" : "USN-2936-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2936-2" - }, - { - "name" : "USN-2936-3", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2936-3" - }, - { - "name" : "1035692", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035692" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1240880", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1240880" + }, + { + "name": "http://www.mozilla.org/security/announce/2016/mfsa2016-39.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-39.html" + }, + { + "name": "openSUSE-SU-2016:1211", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html" + }, + { + "name": "1035692", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035692" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1141382", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1141382" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1229855", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1229855" + }, + { + "name": "openSUSE-SU-2016:1251", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html" + }, + { + "name": "USN-2936-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2936-2" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1249183", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1249183" + }, + { + "name": "GLSA-201701-15", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-15" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1155328", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1155328" + }, + { + "name": "USN-2936-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2936-1" + }, + { + "name": "USN-2936-3", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2936-3" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1255298", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1255298" + } + ] + } +} \ No newline at end of file diff --git a/2016/2xxx/CVE-2016-2943.json b/2016/2xxx/CVE-2016-2943.json index 4305eefb893..9e9cc44a298 100644 --- a/2016/2xxx/CVE-2016-2943.json +++ b/2016/2xxx/CVE-2016-2943.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-2943", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by leveraging unspecified privileges to read a log file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-2943", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21991960", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21991960" - }, - { - "name" : "IV89736", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV89736" - }, - { - "name" : "94617", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94617" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by leveraging unspecified privileges to read a log file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "IV89736", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV89736" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21991960", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991960" + }, + { + "name": "94617", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94617" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6088.json b/2016/6xxx/CVE-2016-6088.json index da80d0dbc1a..18ebf6600d4 100644 --- a/2016/6xxx/CVE-2016-6088.json +++ b/2016/6xxx/CVE-2016-6088.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-6088", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-6088", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6177.json b/2016/6xxx/CVE-2016-6177.json index f0b005566db..34b54cbba64 100644 --- a/2016/6xxx/CVE-2016-6177.json +++ b/2016/6xxx/CVE-2016-6177.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@huawei.com", - "ID" : "CVE-2016-6177", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "OceanStor 5800 V3 V300R003C00", - "version" : { - "version_data" : [ - { - "version_value" : "OceanStor 5800 V3 V300R003C00" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Huawei OceanStor 5800 V300R003C00 has an integer overflow vulnerability. An authenticated attacker may send massive abnormal Network File System (NFS) packets, causing an anomaly in specific disk arrays." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Integer Overflow" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@huawei.com", + "ID": "CVE-2016-6177", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "OceanStor 5800 V3 V300R003C00", + "version": { + "version_data": [ + { + "version_value": "OceanStor 5800 V3 V300R003C00" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160629-02-oceanstor-en", - "refsource" : "CONFIRM", - "url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160629-02-oceanstor-en" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Huawei OceanStor 5800 V300R003C00 has an integer overflow vulnerability. An authenticated attacker may send massive abnormal Network File System (NFS) packets, causing an anomaly in specific disk arrays." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Integer Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160629-02-oceanstor-en", + "refsource": "CONFIRM", + "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160629-02-oceanstor-en" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6292.json b/2016/6xxx/CVE-2016-6292.json index ef1cb867dea..18706c6f40e 100644 --- a/2016/6xxx/CVE-2016-6292.json +++ b/2016/6xxx/CVE-2016-6292.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-6292", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The exif_process_user_comment function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted JPEG image." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-6292", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160724 Re: Fwd: CVE for PHP 5.5.38 issues", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2016/07/24/2" - }, - { - "name" : "http://git.php.net/?p=php-src.git;a=commit;h=41131cd41d2fd2e0c2f332a27988df75659c42e4", - "refsource" : "CONFIRM", - "url" : "http://git.php.net/?p=php-src.git;a=commit;h=41131cd41d2fd2e0c2f332a27988df75659c42e4" - }, - { - "name" : "http://php.net/ChangeLog-5.php", - "refsource" : "CONFIRM", - "url" : "http://php.net/ChangeLog-5.php" - }, - { - "name" : "http://php.net/ChangeLog-7.php", - "refsource" : "CONFIRM", - "url" : "http://php.net/ChangeLog-7.php" - }, - { - "name" : "https://bugs.php.net/72618", - "refsource" : "CONFIRM", - "url" : "https://bugs.php.net/72618" - }, - { - "name" : "https://support.apple.com/HT207170", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207170" - }, - { - "name" : "APPLE-SA-2016-09-20", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html" - }, - { - "name" : "DSA-3631", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3631" - }, - { - "name" : "GLSA-201611-22", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201611-22" - }, - { - "name" : "RHSA-2016:2750", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2750.html" - }, - { - "name" : "92078", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92078" - }, - { - "name" : "1036430", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036430" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The exif_process_user_comment function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted JPEG image." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2016-09-20", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html" + }, + { + "name": "GLSA-201611-22", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201611-22" + }, + { + "name": "RHSA-2016:2750", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html" + }, + { + "name": "http://git.php.net/?p=php-src.git;a=commit;h=41131cd41d2fd2e0c2f332a27988df75659c42e4", + "refsource": "CONFIRM", + "url": "http://git.php.net/?p=php-src.git;a=commit;h=41131cd41d2fd2e0c2f332a27988df75659c42e4" + }, + { + "name": "https://bugs.php.net/72618", + "refsource": "CONFIRM", + "url": "https://bugs.php.net/72618" + }, + { + "name": "92078", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92078" + }, + { + "name": "http://php.net/ChangeLog-5.php", + "refsource": "CONFIRM", + "url": "http://php.net/ChangeLog-5.php" + }, + { + "name": "1036430", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036430" + }, + { + "name": "DSA-3631", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3631" + }, + { + "name": "http://php.net/ChangeLog-7.php", + "refsource": "CONFIRM", + "url": "http://php.net/ChangeLog-7.php" + }, + { + "name": "[oss-security] 20160724 Re: Fwd: CVE for PHP 5.5.38 issues", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2016/07/24/2" + }, + { + "name": "https://support.apple.com/HT207170", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207170" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6884.json b/2016/6xxx/CVE-2016-6884.json index cdca50352d7..f73505c378d 100644 --- a/2016/6xxx/CVE-2016-6884.json +++ b/2016/6xxx/CVE-2016-6884.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-6884", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "TLS cipher suites with CBC mode in TLS 1.1 and 1.2 in MatrixSSL before 3.8.3 allow remote attackers to cause a denial of service (out-of-bounds read) via a crafted message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-6884", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160819 Re: CVE request: MatrixSSL lack of RSA-CRT hardening", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/08/19/8" - }, - { - "name" : "https://github.com/matrixssl/matrixssl/blob/master/CHANGES.md", - "refsource" : "CONFIRM", - "url" : "https://github.com/matrixssl/matrixssl/blob/master/CHANGES.md" - }, - { - "name" : "91488", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91488" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "TLS cipher suites with CBC mode in TLS 1.1 and 1.2 in MatrixSSL before 3.8.3 allow remote attackers to cause a denial of service (out-of-bounds read) via a crafted message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/matrixssl/matrixssl/blob/master/CHANGES.md", + "refsource": "CONFIRM", + "url": "https://github.com/matrixssl/matrixssl/blob/master/CHANGES.md" + }, + { + "name": "[oss-security] 20160819 Re: CVE request: MatrixSSL lack of RSA-CRT hardening", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/08/19/8" + }, + { + "name": "91488", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91488" + } + ] + } +} \ No newline at end of file diff --git a/2017/5xxx/CVE-2017-5341.json b/2017/5xxx/CVE-2017-5341.json index b5f82773557..277b1814db0 100644 --- a/2017/5xxx/CVE-2017-5341.json +++ b/2017/5xxx/CVE-2017-5341.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-5341", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print()." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-5341", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1494526.html", - "refsource" : "CONFIRM", - "url" : "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1494526.html" - }, - { - "name" : "DSA-3775", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2017/dsa-3775" - }, - { - "name" : "GLSA-201702-30", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201702-30" - }, - { - "name" : "RHSA-2017:1871", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:1871" - }, - { - "name" : "95852", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95852" - }, - { - "name" : "1037755", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037755" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print()." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1037755", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037755" + }, + { + "name": "DSA-3775", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2017/dsa-3775" + }, + { + "name": "RHSA-2017:1871", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:1871" + }, + { + "name": "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1494526.html", + "refsource": "CONFIRM", + "url": "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1494526.html" + }, + { + "name": "95852", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95852" + }, + { + "name": "GLSA-201702-30", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201702-30" + } + ] + } +} \ No newline at end of file diff --git a/2017/5xxx/CVE-2017-5477.json b/2017/5xxx/CVE-2017-5477.json index dfb122e8dc0..03849d6f0ae 100644 --- a/2017/5xxx/CVE-2017-5477.json +++ b/2017/5xxx/CVE-2017-5477.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-5477", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-5477", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/5xxx/CVE-2017-5935.json b/2017/5xxx/CVE-2017-5935.json index cc1f964a494..5be5b2bc39f 100644 --- a/2017/5xxx/CVE-2017-5935.json +++ b/2017/5xxx/CVE-2017-5935.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-5935", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-5935", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file