From ef044dae773719163d55edca5b50b6899fd356af Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 17 Mar 2019 22:09:07 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0020.json | 180 ++++----- 2007/0xxx/CVE-2007-0185.json | 180 ++++----- 2007/0xxx/CVE-2007-0907.json | 500 ++++++++++++------------- 2007/0xxx/CVE-2007-0988.json | 580 ++++++++++++++--------------- 2007/1xxx/CVE-2007-1036.json | 200 +++++----- 2007/1xxx/CVE-2007-1322.json | 210 +++++------ 2007/1xxx/CVE-2007-1947.json | 140 +++---- 2007/3xxx/CVE-2007-3077.json | 170 ++++----- 2007/3xxx/CVE-2007-3375.json | 180 ++++----- 2007/3xxx/CVE-2007-3902.json | 240 ++++++------ 2007/4xxx/CVE-2007-4556.json | 250 ++++++------- 2007/4xxx/CVE-2007-4670.json | 390 +++++++++---------- 2007/4xxx/CVE-2007-4713.json | 170 ++++----- 2007/4xxx/CVE-2007-4765.json | 34 +- 2007/4xxx/CVE-2007-4845.json | 140 +++---- 2007/4xxx/CVE-2007-4993.json | 320 ++++++++-------- 2014/100xxx/CVE-2014-100025.json | 150 ++++---- 2015/2xxx/CVE-2015-2073.json | 34 +- 2015/2xxx/CVE-2015-2122.json | 140 +++---- 2015/2xxx/CVE-2015-2370.json | 140 +++---- 2015/3xxx/CVE-2015-3025.json | 34 +- 2015/3xxx/CVE-2015-3921.json | 150 ++++---- 2015/6xxx/CVE-2015-6067.json | 34 +- 2015/6xxx/CVE-2015-6519.json | 140 +++---- 2015/6xxx/CVE-2015-6527.json | 140 +++---- 2015/6xxx/CVE-2015-6720.json | 140 +++---- 2015/6xxx/CVE-2015-6941.json | 150 ++++---- 2015/7xxx/CVE-2015-7036.json | 150 ++++---- 2015/7xxx/CVE-2015-7861.json | 150 ++++---- 2016/0xxx/CVE-2016-0225.json | 130 +++---- 2016/0xxx/CVE-2016-0251.json | 34 +- 2016/1000xxx/CVE-2016-1000192.json | 34 +- 2016/10xxx/CVE-2016-10007.json | 120 +++--- 2016/10xxx/CVE-2016-10325.json | 140 +++---- 2016/1xxx/CVE-2016-1149.json | 170 ++++----- 2016/1xxx/CVE-2016-1196.json | 140 +++---- 2016/1xxx/CVE-2016-1322.json | 120 +++--- 2016/1xxx/CVE-2016-1439.json | 130 +++---- 2016/1xxx/CVE-2016-1464.json | 150 ++++---- 2016/1xxx/CVE-2016-1804.json | 160 ++++---- 2016/4xxx/CVE-2016-4044.json | 34 +- 2016/4xxx/CVE-2016-4440.json | 150 ++++---- 2016/4xxx/CVE-2016-4873.json | 150 ++++---- 2019/3xxx/CVE-2019-3199.json | 34 +- 2019/3xxx/CVE-2019-3214.json | 34 +- 2019/3xxx/CVE-2019-3543.json | 34 +- 2019/3xxx/CVE-2019-3965.json | 34 +- 2019/4xxx/CVE-2019-4608.json | 34 +- 2019/4xxx/CVE-2019-4667.json | 34 +- 2019/4xxx/CVE-2019-4751.json | 34 +- 2019/4xxx/CVE-2019-4952.json | 34 +- 2019/6xxx/CVE-2019-6557.json | 132 +++---- 2019/6xxx/CVE-2019-6863.json | 34 +- 2019/7xxx/CVE-2019-7157.json | 34 +- 2019/7xxx/CVE-2019-7609.json | 34 +- 2019/7xxx/CVE-2019-7797.json | 34 +- 2019/7xxx/CVE-2019-7864.json | 34 +- 2019/8xxx/CVE-2019-8285.json | 34 +- 2019/8xxx/CVE-2019-8338.json | 34 +- 2019/8xxx/CVE-2019-8454.json | 34 +- 2019/8xxx/CVE-2019-8829.json | 34 +- 2019/8xxx/CVE-2019-8888.json | 34 +- 2019/9xxx/CVE-2019-9194.json | 160 ++++---- 2019/9xxx/CVE-2019-9572.json | 120 +++--- 2019/9xxx/CVE-2019-9581.json | 140 +++---- 65 files changed, 4131 insertions(+), 4131 deletions(-) diff --git a/2007/0xxx/CVE-2007-0020.json b/2007/0xxx/CVE-2007-0020.json index 33f4d5e36e4..860087c604b 100644 --- a/2007/0xxx/CVE-2007-0020.json +++ b/2007/0xxx/CVE-2007-0020.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0020", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in the SFTP protocol handler for Panic Transmit (Transmit.app) up to 3.5.5 allows remote attackers to execute arbitrary code via a long ftps:// URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0020", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://projects.info-pull.com/moab/MOAB-19-01-2007.html", - "refsource" : "MISC", - "url" : "http://projects.info-pull.com/moab/MOAB-19-01-2007.html" - }, - { - "name" : "3160", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3160" - }, - { - "name" : "22145", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22145" - }, - { - "name" : "ADV-2007-0273", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0273" - }, - { - "name" : "32694", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32694" - }, - { - "name" : "23861", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23861" - }, - { - "name" : "transmit-url-handler-bo(31673)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31673" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in the SFTP protocol handler for Panic Transmit (Transmit.app) up to 3.5.5 allows remote attackers to execute arbitrary code via a long ftps:// URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "transmit-url-handler-bo(31673)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31673" + }, + { + "name": "22145", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22145" + }, + { + "name": "23861", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23861" + }, + { + "name": "http://projects.info-pull.com/moab/MOAB-19-01-2007.html", + "refsource": "MISC", + "url": "http://projects.info-pull.com/moab/MOAB-19-01-2007.html" + }, + { + "name": "3160", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3160" + }, + { + "name": "ADV-2007-0273", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0273" + }, + { + "name": "32694", + "refsource": "OSVDB", + "url": "http://osvdb.org/32694" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0185.json b/2007/0xxx/CVE-2007-0185.json index d9e2d977f18..799e977a689 100644 --- a/2007/0xxx/CVE-2007-0185.json +++ b/2007/0xxx/CVE-2007-0185.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0185", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Getahead Direct Web Remoting (DWR) before 1.1.4 allows attackers to cause a denial of service (memory exhaustion and servlet outage) via unknown vectors related to a large number of calls in a batch." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0185", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://getahead.ltd.uk/dwr/changelog", - "refsource" : "CONFIRM", - "url" : "http://getahead.ltd.uk/dwr/changelog" - }, - { - "name" : "SUSE-SR:2009:004", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html" - }, - { - "name" : "21955", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21955" - }, - { - "name" : "ADV-2007-0095", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0095" - }, - { - "name" : "32658", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32658" - }, - { - "name" : "23641", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23641" - }, - { - "name" : "dwr-servlet-engine-dos(31382)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31382" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Getahead Direct Web Remoting (DWR) before 1.1.4 allows attackers to cause a denial of service (memory exhaustion and servlet outage) via unknown vectors related to a large number of calls in a batch." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "32658", + "refsource": "OSVDB", + "url": "http://osvdb.org/32658" + }, + { + "name": "23641", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23641" + }, + { + "name": "http://getahead.ltd.uk/dwr/changelog", + "refsource": "CONFIRM", + "url": "http://getahead.ltd.uk/dwr/changelog" + }, + { + "name": "ADV-2007-0095", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0095" + }, + { + "name": "SUSE-SR:2009:004", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html" + }, + { + "name": "21955", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21955" + }, + { + "name": "dwr-servlet-engine-dos(31382)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31382" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0907.json b/2007/0xxx/CVE-2007-0907.json index 4da7bfa146c..9210acb7071 100644 --- a/2007/0xxx/CVE-2007-0907.json +++ b/2007/0xxx/CVE-2007-0907.json @@ -1,252 +1,252 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0907", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer underflow in PHP before 5.2.1 allows attackers to cause a denial of service via unspecified vectors involving the sapi_header_op function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0907", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070227 rPSA-2007-0043-1 php php-mysql php-pgsql", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461462/100/0/threaded" - }, - { - "name" : "http://www.php.net/ChangeLog-5.php#5.2.1", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/ChangeLog-5.php#5.2.1" - }, - { - "name" : "http://www.php.net/releases/5_2_1.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/releases/5_2_1.php" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1088", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1088" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm" - }, - { - "name" : "DSA-1264", - "refsource" : "DEBIAN", - "url" : "http://www.us.debian.org/security/2007/dsa-1264" - }, - { - "name" : "GLSA-200703-21", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200703-21.xml" - }, - { - "name" : "MDKSA-2007:048", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:048" - }, - { - "name" : "OpenPKG-SA-2007.010", - "refsource" : "OPENPKG", - "url" : "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html" - }, - { - "name" : "RHSA-2007:0076", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0076.html" - }, - { - "name" : "RHSA-2007:0081", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0081.html" - }, - { - "name" : "RHSA-2007:0089", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2007-0089.html" - }, - { - "name" : "RHSA-2007:0088", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0088.html" - }, - { - "name" : "RHSA-2007:0082", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0082.html" - }, - { - "name" : "20070201-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc" - }, - { - "name" : "SUSE-SA:2007:020", - "refsource" : "SUSE", - "url" : "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html" - }, - { - "name" : "2007-0009", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.org/errata/2007/0009/" - }, - { - "name" : "USN-424-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-424-1" - }, - { - "name" : "USN-424-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-424-2" - }, - { - "name" : "22496", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22496" - }, - { - "name" : "oval:org.mitre.oval:def:11321", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11321" - }, - { - "name" : "ADV-2007-0546", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0546" - }, - { - "name" : "32767", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32767" - }, - { - "name" : "1017671", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017671" - }, - { - "name" : "24089", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24089" - }, - { - "name" : "24195", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24195" - }, - { - "name" : "24217", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24217" - }, - { - "name" : "24248", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24248" - }, - { - "name" : "24236", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24236" - }, - { - "name" : "24295", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24295" - }, - { - "name" : "24322", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24322" - }, - { - "name" : "24432", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24432" - }, - { - "name" : "24421", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24421" - }, - { - "name" : "24514", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24514" - }, - { - "name" : "24606", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24606" - }, - { - "name" : "24642", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24642" - }, - { - "name" : "24284", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24284" - }, - { - "name" : "24419", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24419" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer underflow in PHP before 5.2.1 allows attackers to cause a denial of service via unspecified vectors involving the sapi_header_op function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-1264", + "refsource": "DEBIAN", + "url": "http://www.us.debian.org/security/2007/dsa-1264" + }, + { + "name": "24295", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24295" + }, + { + "name": "2007-0009", + "refsource": "TRUSTIX", + "url": "http://www.trustix.org/errata/2007/0009/" + }, + { + "name": "OpenPKG-SA-2007.010", + "refsource": "OPENPKG", + "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html" + }, + { + "name": "24195", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24195" + }, + { + "name": "1017671", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017671" + }, + { + "name": "32767", + "refsource": "OSVDB", + "url": "http://osvdb.org/32767" + }, + { + "name": "24606", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24606" + }, + { + "name": "24642", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24642" + }, + { + "name": "24217", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24217" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm" + }, + { + "name": "24248", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24248" + }, + { + "name": "24514", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24514" + }, + { + "name": "22496", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22496" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1088", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1088" + }, + { + "name": "24284", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24284" + }, + { + "name": "USN-424-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-424-2" + }, + { + "name": "http://www.php.net/releases/5_2_1.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/releases/5_2_1.php" + }, + { + "name": "GLSA-200703-21", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200703-21.xml" + }, + { + "name": "24432", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24432" + }, + { + "name": "24421", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24421" + }, + { + "name": "24089", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24089" + }, + { + "name": "SUSE-SA:2007:020", + "refsource": "SUSE", + "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html" + }, + { + "name": "RHSA-2007:0076", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0076.html" + }, + { + "name": "24419", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24419" + }, + { + "name": "RHSA-2007:0089", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2007-0089.html" + }, + { + "name": "RHSA-2007:0088", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0088.html" + }, + { + "name": "20070227 rPSA-2007-0043-1 php php-mysql php-pgsql", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461462/100/0/threaded" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm" + }, + { + "name": "RHSA-2007:0082", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0082.html" + }, + { + "name": "oval:org.mitre.oval:def:11321", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11321" + }, + { + "name": "20070201-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc" + }, + { + "name": "http://www.php.net/ChangeLog-5.php#5.2.1", + "refsource": "CONFIRM", + "url": "http://www.php.net/ChangeLog-5.php#5.2.1" + }, + { + "name": "MDKSA-2007:048", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:048" + }, + { + "name": "USN-424-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-424-1" + }, + { + "name": "RHSA-2007:0081", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0081.html" + }, + { + "name": "24322", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24322" + }, + { + "name": "24236", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24236" + }, + { + "name": "ADV-2007-0546", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0546" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0988.json b/2007/0xxx/CVE-2007-0988.json index 3138d067665..7d5ffca4c93 100644 --- a/2007/0xxx/CVE-2007-0988.json +++ b/2007/0xxx/CVE-2007-0988.json @@ -1,292 +1,292 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0988", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service (infinite loop) by unserializing certain integer expressions, which only cause 32-bit arguments to be used after the check for a negative value, as demonstrated by an \"a:2147483649:{\" argument." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0988", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070227 rPSA-2007-0043-1 php php-mysql php-pgsql", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461462/100/0/threaded" - }, - { - "name" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=228858", - "refsource" : "MISC", - "url" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=228858" - }, - { - "name" : "http://www.php.net/releases/5_2_1.php", - "refsource" : "MISC", - "url" : "http://www.php.net/releases/5_2_1.php" - }, - { - "name" : "http://www.php-security.org/MOPB/MOPB-05-2007.html", - "refsource" : "MISC", - "url" : "http://www.php-security.org/MOPB/MOPB-05-2007.html" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1088", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1088" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm" - }, - { - "name" : "DSA-1264", - "refsource" : "DEBIAN", - "url" : "http://www.us.debian.org/security/2007/dsa-1264" - }, - { - "name" : "GLSA-200703-21", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200703-21.xml" - }, - { - "name" : "HPSBMA02215", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506" - }, - { - "name" : "SSRT071423", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506" - }, - { - "name" : "HPSBTU02232", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137" - }, - { - "name" : "SSRT071429", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137" - }, - { - "name" : "MDKSA-2007:048", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:048" - }, - { - "name" : "OpenPKG-SA-2007.010", - "refsource" : "OPENPKG", - "url" : "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html" - }, - { - "name" : "RHSA-2007:0076", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0076.html" - }, - { - "name" : "RHSA-2007:0081", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0081.html" - }, - { - "name" : "RHSA-2007:0089", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2007-0089.html" - }, - { - "name" : "RHSA-2007:0088", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0088.html" - }, - { - "name" : "RHSA-2007:0082", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0082.html" - }, - { - "name" : "20070201-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc" - }, - { - "name" : "SUSE-SA:2007:032", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_32_php.html" - }, - { - "name" : "2007-0009", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.org/errata/2007/0009/" - }, - { - "name" : "USN-424-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-424-1" - }, - { - "name" : "USN-424-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-424-2" - }, - { - "name" : "oval:org.mitre.oval:def:11092", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11092" - }, - { - "name" : "ADV-2007-1991", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1991" - }, - { - "name" : "ADV-2007-2374", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2374" - }, - { - "name" : "32762", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32762" - }, - { - "name" : "1017671", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017671" - }, - { - "name" : "24195", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24195" - }, - { - "name" : "24217", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24217" - }, - { - "name" : "24248", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24248" - }, - { - "name" : "24236", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24236" - }, - { - "name" : "24295", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24295" - }, - { - "name" : "24322", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24322" - }, - { - "name" : "24432", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24432" - }, - { - "name" : "24421", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24421" - }, - { - "name" : "24606", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24606" - }, - { - "name" : "24642", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24642" - }, - { - "name" : "25056", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25056" - }, - { - "name" : "25423", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25423" - }, - { - "name" : "24284", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24284" - }, - { - "name" : "24419", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24419" - }, - { - "name" : "25850", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25850" - }, - { - "name" : "2315", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2315" - }, - { - "name" : "php-zendhashinit-dos(32709)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32709" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service (infinite loop) by unserializing certain integer expressions, which only cause 32-bit arguments to be used after the check for a negative value, as demonstrated by an \"a:2147483649:{\" argument." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-1264", + "refsource": "DEBIAN", + "url": "http://www.us.debian.org/security/2007/dsa-1264" + }, + { + "name": "24295", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24295" + }, + { + "name": "2007-0009", + "refsource": "TRUSTIX", + "url": "http://www.trustix.org/errata/2007/0009/" + }, + { + "name": "OpenPKG-SA-2007.010", + "refsource": "OPENPKG", + "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html" + }, + { + "name": "24195", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24195" + }, + { + "name": "ADV-2007-1991", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1991" + }, + { + "name": "25056", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25056" + }, + { + "name": "1017671", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017671" + }, + { + "name": "http://www.php-security.org/MOPB/MOPB-05-2007.html", + "refsource": "MISC", + "url": "http://www.php-security.org/MOPB/MOPB-05-2007.html" + }, + { + "name": "SSRT071423", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506" + }, + { + "name": "http://www.php.net/releases/5_2_1.php", + "refsource": "MISC", + "url": "http://www.php.net/releases/5_2_1.php" + }, + { + "name": "24606", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24606" + }, + { + "name": "2315", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2315" + }, + { + "name": "24642", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24642" + }, + { + "name": "php-zendhashinit-dos(32709)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32709" + }, + { + "name": "24217", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24217" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm" + }, + { + "name": "24248", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24248" + }, + { + "name": "HPSBTU02232", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1088", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1088" + }, + { + "name": "oval:org.mitre.oval:def:11092", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11092" + }, + { + "name": "24284", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24284" + }, + { + "name": "USN-424-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-424-2" + }, + { + "name": "32762", + "refsource": "OSVDB", + "url": "http://osvdb.org/32762" + }, + { + "name": "GLSA-200703-21", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200703-21.xml" + }, + { + "name": "SSRT071429", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137" + }, + { + "name": "24432", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24432" + }, + { + "name": "24421", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24421" + }, + { + "name": "ADV-2007-2374", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2374" + }, + { + "name": "25423", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25423" + }, + { + "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=228858", + "refsource": "MISC", + "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=228858" + }, + { + "name": "RHSA-2007:0076", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0076.html" + }, + { + "name": "24419", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24419" + }, + { + "name": "RHSA-2007:0089", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2007-0089.html" + }, + { + "name": "RHSA-2007:0088", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0088.html" + }, + { + "name": "20070227 rPSA-2007-0043-1 php php-mysql php-pgsql", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461462/100/0/threaded" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm" + }, + { + "name": "HPSBMA02215", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506" + }, + { + "name": "RHSA-2007:0082", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0082.html" + }, + { + "name": "25850", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25850" + }, + { + "name": "20070201-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc" + }, + { + "name": "MDKSA-2007:048", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:048" + }, + { + "name": "SUSE-SA:2007:032", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_32_php.html" + }, + { + "name": "USN-424-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-424-1" + }, + { + "name": "RHSA-2007:0081", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0081.html" + }, + { + "name": "24322", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24322" + }, + { + "name": "24236", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24236" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1036.json b/2007/1xxx/CVE-2007-1036.json index 4c92a87dc56..40903438c16 100644 --- a/2007/1xxx/CVE-2007-1036.json +++ b/2007/1xxx/CVE-2007-1036.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1036", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The default configuration of JBoss does not restrict access to the (1) console and (2) web management interfaces, which allows remote attackers to bypass authentication and gain administrative access via direct requests." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1036", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070220 Jboss vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/460597/100/0/threaded" - }, - { - "name" : "20070220 Re: Jboss vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/460695/100/0/threaded" - }, - { - "name" : "20070220 Re: Jboss vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/460605/100/0/threaded" - }, - { - "name" : "http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureJBoss", - "refsource" : "MISC", - "url" : "http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureJBoss" - }, - { - "name" : "http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureTheJmxConsole", - "refsource" : "MISC", - "url" : "http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureTheJmxConsole" - }, - { - "name" : "VU#632656", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/632656" - }, - { - "name" : "33744", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33744" - }, - { - "name" : "1017677", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017677" - }, - { - "name" : "jboss-admin-unauth-access(32596)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32596" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The default configuration of JBoss does not restrict access to the (1) console and (2) web management interfaces, which allows remote attackers to bypass authentication and gain administrative access via direct requests." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureJBoss", + "refsource": "MISC", + "url": "http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureJBoss" + }, + { + "name": "1017677", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017677" + }, + { + "name": "http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureTheJmxConsole", + "refsource": "MISC", + "url": "http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureTheJmxConsole" + }, + { + "name": "jboss-admin-unauth-access(32596)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32596" + }, + { + "name": "VU#632656", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/632656" + }, + { + "name": "20070220 Jboss vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/460597/100/0/threaded" + }, + { + "name": "33744", + "refsource": "OSVDB", + "url": "http://osvdb.org/33744" + }, + { + "name": "20070220 Re: Jboss vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/460605/100/0/threaded" + }, + { + "name": "20070220 Re: Jboss vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/460695/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1322.json b/2007/1xxx/CVE-2007-1322.json index dc87232263f..a334b2387c6 100644 --- a/2007/1xxx/CVE-2007-1322.json +++ b/2007/1xxx/CVE-2007-1322.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1322", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "QEMU 0.8.2 allows local users to halt a virtual machine by executing the icebp instruction." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1322", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://taviso.decsystem.org/virtsec.pdf", - "refsource" : "MISC", - "url" : "http://taviso.decsystem.org/virtsec.pdf" - }, - { - "name" : "DSA-1284", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1284" - }, - { - "name" : "MDVSA-2008:162", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:162" - }, - { - "name" : "23731", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23731" - }, - { - "name" : "35496", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35496" - }, - { - "name" : "ADV-2007-1597", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1597" - }, - { - "name" : "25073", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25073" - }, - { - "name" : "25095", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25095" - }, - { - "name" : "29129", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29129" - }, - { - "name" : "qemu-icebp-dos(34043)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34043" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "QEMU 0.8.2 allows local users to halt a virtual machine by executing the icebp instruction." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "qemu-icebp-dos(34043)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34043" + }, + { + "name": "23731", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23731" + }, + { + "name": "DSA-1284", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1284" + }, + { + "name": "25073", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25073" + }, + { + "name": "http://taviso.decsystem.org/virtsec.pdf", + "refsource": "MISC", + "url": "http://taviso.decsystem.org/virtsec.pdf" + }, + { + "name": "MDVSA-2008:162", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:162" + }, + { + "name": "35496", + "refsource": "OSVDB", + "url": "http://osvdb.org/35496" + }, + { + "name": "ADV-2007-1597", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1597" + }, + { + "name": "29129", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29129" + }, + { + "name": "25095", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25095" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1947.json b/2007/1xxx/CVE-2007-1947.json index 01e4233cb4f..0cc29cc48c2 100644 --- a/2007/1xxx/CVE-2007-1947.json +++ b/2007/1xxx/CVE-2007-1947.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1947", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function in the Firebug extension before 1.04 for Mozilla Firefox allows remote attackers to bypass zone restrictions, read arbitrary file:// URIs, or execute arbitrary code in the browser chrome by overwriting the toString function via a certain function declaration, related to incorrect identification of anonymous JavaScript functions, a different issue than CVE-2007-1878." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1947", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070406 Re: Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464875/100/0/threaded" - }, - { - "name" : "http://larholm.com/2007/04/06/more-0day-in-firebug/", - "refsource" : "MISC", - "url" : "http://larholm.com/2007/04/06/more-0day-in-firebug/" - }, - { - "name" : "http://larholm.com/2007/04/06/more-0day-in-firebug/#comment-6", - "refsource" : "CONFIRM", - "url" : "http://larholm.com/2007/04/06/more-0day-in-firebug/#comment-6" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function in the Firebug extension before 1.04 for Mozilla Firefox allows remote attackers to bypass zone restrictions, read arbitrary file:// URIs, or execute arbitrary code in the browser chrome by overwriting the toString function via a certain function declaration, related to incorrect identification of anonymous JavaScript functions, a different issue than CVE-2007-1878." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070406 Re: Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464875/100/0/threaded" + }, + { + "name": "http://larholm.com/2007/04/06/more-0day-in-firebug/#comment-6", + "refsource": "CONFIRM", + "url": "http://larholm.com/2007/04/06/more-0day-in-firebug/#comment-6" + }, + { + "name": "http://larholm.com/2007/04/06/more-0day-in-firebug/", + "refsource": "MISC", + "url": "http://larholm.com/2007/04/06/more-0day-in-firebug/" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3077.json b/2007/3xxx/CVE-2007-3077.json index dbb9f8e6d60..3bb95b5d3b2 100644 --- a/2007/3xxx/CVE-2007-3077.json +++ b/2007/3xxx/CVE-2007-3077.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3077", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in listmembers.php in EQdkp 1.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the rank parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3077", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4030", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4030" - }, - { - "name" : "24294", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24294" - }, - { - "name" : "ADV-2007-2059", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2059" - }, - { - "name" : "36410", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36410" - }, - { - "name" : "25548", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25548" - }, - { - "name" : "eqdkp-listmembers-sql-injection(34699)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34699" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in listmembers.php in EQdkp 1.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the rank parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "36410", + "refsource": "OSVDB", + "url": "http://osvdb.org/36410" + }, + { + "name": "25548", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25548" + }, + { + "name": "4030", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4030" + }, + { + "name": "eqdkp-listmembers-sql-injection(34699)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34699" + }, + { + "name": "ADV-2007-2059", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2059" + }, + { + "name": "24294", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24294" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3375.json b/2007/3xxx/CVE-2007-3375.json index 0ad461121d8..ae7c9d80f6c 100644 --- a/2007/3xxx/CVE-2007-3375.json +++ b/2007/3xxx/CVE-2007-3375.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3375", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in Lhaca File Archiver before 1.21 allows user-assisted remote attackers to execute arbitrary code via a crafted LZH archive, as exploited by malware such as Trojan.Lhdropper." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3375", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.symantec.com/security_response/writeup.jsp?docid=2007-062506-5500-99&tabid=1", - "refsource" : "MISC", - "url" : "http://www.symantec.com/security_response/writeup.jsp?docid=2007-062506-5500-99&tabid=1" - }, - { - "name" : "http://vuln.sg/lhaca121-en.html", - "refsource" : "MISC", - "url" : "http://vuln.sg/lhaca121-en.html" - }, - { - "name" : "http://www.symantec.com/enterprise/security_response/weblog/2007/06/beware_of_lzh.html", - "refsource" : "MISC", - "url" : "http://www.symantec.com/enterprise/security_response/weblog/2007/06/beware_of_lzh.html" - }, - { - "name" : "VU#871497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/871497" - }, - { - "name" : "24604", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24604" - }, - { - "name" : "25826", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25826" - }, - { - "name" : "lhaca-lzh-bo(35116)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35116" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in Lhaca File Archiver before 1.21 allows user-assisted remote attackers to execute arbitrary code via a crafted LZH archive, as exploited by malware such as Trojan.Lhdropper." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.symantec.com/enterprise/security_response/weblog/2007/06/beware_of_lzh.html", + "refsource": "MISC", + "url": "http://www.symantec.com/enterprise/security_response/weblog/2007/06/beware_of_lzh.html" + }, + { + "name": "VU#871497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/871497" + }, + { + "name": "http://www.symantec.com/security_response/writeup.jsp?docid=2007-062506-5500-99&tabid=1", + "refsource": "MISC", + "url": "http://www.symantec.com/security_response/writeup.jsp?docid=2007-062506-5500-99&tabid=1" + }, + { + "name": "lhaca-lzh-bo(35116)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35116" + }, + { + "name": "http://vuln.sg/lhaca121-en.html", + "refsource": "MISC", + "url": "http://vuln.sg/lhaca121-en.html" + }, + { + "name": "24604", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24604" + }, + { + "name": "25826", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25826" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3902.json b/2007/3xxx/CVE-2007-3902.json index 102d40e1128..134044e3b5b 100644 --- a/2007/3xxx/CVE-2007-3902.json +++ b/2007/3xxx/CVE-2007-3902.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3902", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the CRecalcProperty function in mshtml.dll in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code by calling the setExpression method and then modifying the outerHTML property of an HTML element, one variant of \"Uninitialized Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2007-3902", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071211 Microsoft Internet Explorer JavaScript setExpression Heap Corruption Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=631" - }, - { - "name" : "20071211 ZDI-07-073: Microsoft Internet Explorer setExpression Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/484887/100/0/threaded" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-07-073.html", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-07-073.html" - }, - { - "name" : "HPSBST02299", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/485268/100/0/threaded" - }, - { - "name" : "SSRT071506", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/485268/100/0/threaded" - }, - { - "name" : "MS07-069", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-069" - }, - { - "name" : "TA07-345A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-345A.html" - }, - { - "name" : "26506", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26506" - }, - { - "name" : "ADV-2007-4184", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4184" - }, - { - "name" : "oval:org.mitre.oval:def:4582", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4582" - }, - { - "name" : "1019078", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1019078" - }, - { - "name" : "28036", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28036" - }, - { - "name" : "ie-uninit-object-code-execution(38713)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38713" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the CRecalcProperty function in mshtml.dll in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code by calling the setExpression method and then modifying the outerHTML property of an HTML element, one variant of \"Uninitialized Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26506", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26506" + }, + { + "name": "1019078", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1019078" + }, + { + "name": "20071211 Microsoft Internet Explorer JavaScript setExpression Heap Corruption Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=631" + }, + { + "name": "SSRT071506", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded" + }, + { + "name": "28036", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28036" + }, + { + "name": "MS07-069", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-069" + }, + { + "name": "ADV-2007-4184", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4184" + }, + { + "name": "HPSBST02299", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded" + }, + { + "name": "TA07-345A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-345A.html" + }, + { + "name": "20071211 ZDI-07-073: Microsoft Internet Explorer setExpression Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/484887/100/0/threaded" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-073.html", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-073.html" + }, + { + "name": "oval:org.mitre.oval:def:4582", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4582" + }, + { + "name": "ie-uninit-object-code-execution(38713)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38713" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4556.json b/2007/4xxx/CVE-2007-4556.json index 4c8adbdcdbc..6ec457d5cdf 100644 --- a/2007/4xxx/CVE-2007-4556.json +++ b/2007/4xxx/CVE-2007-4556.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4556", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as used in WebWork and Apache Struts, recursively evaluates all input as an Object-Graph Navigation Language (OGNL) expression when altSyntax is enabled, which allows remote attackers to cause a denial of service (infinite loop) or execute arbitrary code via form input beginning with a \"%{\" sequence and ending with a \"}\" character." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4556", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://forums.opensymphony.com/ann.jspa?annID=54", - "refsource" : "CONFIRM", - "url" : "http://forums.opensymphony.com/ann.jspa?annID=54" - }, - { - "name" : "http://issues.apache.org/struts/browse/WW-2030", - "refsource" : "CONFIRM", - "url" : "http://issues.apache.org/struts/browse/WW-2030" - }, - { - "name" : "http://jira.opensymphony.com/browse/XW-544", - "refsource" : "CONFIRM", - "url" : "http://jira.opensymphony.com/browse/XW-544" - }, - { - "name" : "http://jira.opensymphony.com/secure/ReleaseNote.jspa?projectId=10050&styleName=Html&version=21701", - "refsource" : "CONFIRM", - "url" : "http://jira.opensymphony.com/secure/ReleaseNote.jspa?projectId=10050&styleName=Html&version=21701" - }, - { - "name" : "http://jira.opensymphony.com/secure/ReleaseNote.jspa?projectId=10050&styleName=Html&version=21706", - "refsource" : "CONFIRM", - "url" : "http://jira.opensymphony.com/secure/ReleaseNote.jspa?projectId=10050&styleName=Html&version=21706" - }, - { - "name" : "http://struts.apache.org/2.x/docs/s2-001.html", - "refsource" : "CONFIRM", - "url" : "http://struts.apache.org/2.x/docs/s2-001.html" - }, - { - "name" : "http://wiki.opensymphony.com/display/WW/1.2.3+Press+Release", - "refsource" : "CONFIRM", - "url" : "http://wiki.opensymphony.com/display/WW/1.2.3+Press+Release" - }, - { - "name" : "25524", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25524" - }, - { - "name" : "ADV-2007-3041", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3041" - }, - { - "name" : "ADV-2007-3042", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3042" - }, - { - "name" : "37072", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37072" - }, - { - "name" : "26681", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26681" - }, - { - "name" : "26693", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26693" - }, - { - "name" : "26694", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26694" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as used in WebWork and Apache Struts, recursively evaluates all input as an Object-Graph Navigation Language (OGNL) expression when altSyntax is enabled, which allows remote attackers to cause a denial of service (infinite loop) or execute arbitrary code via form input beginning with a \"%{\" sequence and ending with a \"}\" character." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25524", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25524" + }, + { + "name": "http://jira.opensymphony.com/browse/XW-544", + "refsource": "CONFIRM", + "url": "http://jira.opensymphony.com/browse/XW-544" + }, + { + "name": "http://issues.apache.org/struts/browse/WW-2030", + "refsource": "CONFIRM", + "url": "http://issues.apache.org/struts/browse/WW-2030" + }, + { + "name": "ADV-2007-3041", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3041" + }, + { + "name": "http://forums.opensymphony.com/ann.jspa?annID=54", + "refsource": "CONFIRM", + "url": "http://forums.opensymphony.com/ann.jspa?annID=54" + }, + { + "name": "ADV-2007-3042", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3042" + }, + { + "name": "26693", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26693" + }, + { + "name": "26681", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26681" + }, + { + "name": "http://wiki.opensymphony.com/display/WW/1.2.3+Press+Release", + "refsource": "CONFIRM", + "url": "http://wiki.opensymphony.com/display/WW/1.2.3+Press+Release" + }, + { + "name": "http://jira.opensymphony.com/secure/ReleaseNote.jspa?projectId=10050&styleName=Html&version=21706", + "refsource": "CONFIRM", + "url": "http://jira.opensymphony.com/secure/ReleaseNote.jspa?projectId=10050&styleName=Html&version=21706" + }, + { + "name": "37072", + "refsource": "OSVDB", + "url": "http://osvdb.org/37072" + }, + { + "name": "http://struts.apache.org/2.x/docs/s2-001.html", + "refsource": "CONFIRM", + "url": "http://struts.apache.org/2.x/docs/s2-001.html" + }, + { + "name": "http://jira.opensymphony.com/secure/ReleaseNote.jspa?projectId=10050&styleName=Html&version=21701", + "refsource": "CONFIRM", + "url": "http://jira.opensymphony.com/secure/ReleaseNote.jspa?projectId=10050&styleName=Html&version=21701" + }, + { + "name": "26694", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26694" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4670.json b/2007/4xxx/CVE-2007-4670.json index 9c2fc4dd650..5eb72a765c8 100644 --- a/2007/4xxx/CVE-2007-4670.json +++ b/2007/4xxx/CVE-2007-4670.json @@ -1,197 +1,197 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4670", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in PHP before 5.2.4 has unknown impact and attack vectors, related to an \"Improved fix for MOPB-03-2007,\" probably a variant of CVE-2007-1285." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4670", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.php.net/ChangeLog-5.php#5.2.4", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/ChangeLog-5.php#5.2.4" - }, - { - "name" : "http://www.php.net/releases/5_2_4.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/releases/5_2_4.php" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1702", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1702" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1693", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1693" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm" - }, - { - "name" : "https://launchpad.net/bugs/173043", - "refsource" : "CONFIRM", - "url" : "https://launchpad.net/bugs/173043" - }, - { - "name" : "FEDORA-2007-709", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html" - }, - { - "name" : "GLSA-200710-02", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml" - }, - { - "name" : "MDKSA-2007:187", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:187" - }, - { - "name" : "RHSA-2007:0890", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0890.html" - }, - { - "name" : "RHSA-2007:0889", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2007-0889.html" - }, - { - "name" : "RHSA-2007:0888", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0888.html" - }, - { - "name" : "RHSA-2007:0891", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0891.html" - }, - { - "name" : "2007-0026", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.org/errata/2007/0026/" - }, - { - "name" : "USN-549-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/549-1/" - }, - { - "name" : "USN-549-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-549-2" - }, - { - "name" : "oval:org.mitre.oval:def:11028", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11028" - }, - { - "name" : "26822", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26822" - }, - { - "name" : "26838", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26838" - }, - { - "name" : "26930", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26930" - }, - { - "name" : "26871", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26871" - }, - { - "name" : "26895", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26895" - }, - { - "name" : "26967", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26967" - }, - { - "name" : "27351", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27351" - }, - { - "name" : "27377", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27377" - }, - { - "name" : "27545", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27545" - }, - { - "name" : "27102", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27102" - }, - { - "name" : "27864", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27864" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in PHP before 5.2.4 has unknown impact and attack vectors, related to an \"Improved fix for MOPB-03-2007,\" probably a variant of CVE-2007-1285." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26822", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26822" + }, + { + "name": "https://launchpad.net/bugs/173043", + "refsource": "CONFIRM", + "url": "https://launchpad.net/bugs/173043" + }, + { + "name": "RHSA-2007:0888", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0888.html" + }, + { + "name": "FEDORA-2007-709", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html" + }, + { + "name": "26967", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26967" + }, + { + "name": "27351", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27351" + }, + { + "name": "GLSA-200710-02", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml" + }, + { + "name": "27864", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27864" + }, + { + "name": "http://www.php.net/ChangeLog-5.php#5.2.4", + "refsource": "CONFIRM", + "url": "http://www.php.net/ChangeLog-5.php#5.2.4" + }, + { + "name": "26930", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26930" + }, + { + "name": "2007-0026", + "refsource": "TRUSTIX", + "url": "http://www.trustix.org/errata/2007/0026/" + }, + { + "name": "RHSA-2007:0889", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2007-0889.html" + }, + { + "name": "USN-549-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/549-1/" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1693", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1693" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1702", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1702" + }, + { + "name": "27545", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27545" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm" + }, + { + "name": "26838", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26838" + }, + { + "name": "27377", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27377" + }, + { + "name": "MDKSA-2007:187", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:187" + }, + { + "name": "27102", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27102" + }, + { + "name": "http://www.php.net/releases/5_2_4.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/releases/5_2_4.php" + }, + { + "name": "26895", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26895" + }, + { + "name": "USN-549-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-549-2" + }, + { + "name": "RHSA-2007:0890", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0890.html" + }, + { + "name": "RHSA-2007:0891", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0891.html" + }, + { + "name": "26871", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26871" + }, + { + "name": "oval:org.mitre.oval:def:11028", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11028" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4713.json b/2007/4xxx/CVE-2007-4713.json index 6d52c6b1f35..b5083faf114 100644 --- a/2007/4xxx/CVE-2007-4713.json +++ b/2007/4xxx/CVE-2007-4713.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4713", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in urchin.cgi in Urchin 5.6.00r2 allow remote attackers to inject arbitrary web script or HTML via the (1) dtc, (2) vid, (3) n, (4) dt, (5) ed, and (6) bd parameters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4713", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://pridels-team.blogspot.com/2007/09/urchin-5x-multiple-xss-vuln.html", - "refsource" : "MISC", - "url" : "http://pridels-team.blogspot.com/2007/09/urchin-5x-multiple-xss-vuln.html" - }, - { - "name" : "25530", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25530" - }, - { - "name" : "ADV-2007-3085", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3085" - }, - { - "name" : "36807", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36807" - }, - { - "name" : "26682", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26682" - }, - { - "name" : "urchin-urchin-xss(36401)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36401" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in urchin.cgi in Urchin 5.6.00r2 allow remote attackers to inject arbitrary web script or HTML via the (1) dtc, (2) vid, (3) n, (4) dt, (5) ed, and (6) bd parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "urchin-urchin-xss(36401)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36401" + }, + { + "name": "ADV-2007-3085", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3085" + }, + { + "name": "http://pridels-team.blogspot.com/2007/09/urchin-5x-multiple-xss-vuln.html", + "refsource": "MISC", + "url": "http://pridels-team.blogspot.com/2007/09/urchin-5x-multiple-xss-vuln.html" + }, + { + "name": "36807", + "refsource": "OSVDB", + "url": "http://osvdb.org/36807" + }, + { + "name": "26682", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26682" + }, + { + "name": "25530", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25530" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4765.json b/2007/4xxx/CVE-2007-4765.json index 3c680b2f7c8..f3cc4939dc0 100644 --- a/2007/4xxx/CVE-2007-4765.json +++ b/2007/4xxx/CVE-2007-4765.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4765", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4765", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4845.json b/2007/4xxx/CVE-2007-4845.json index be724f5eada..a8da7f4ac07 100644 --- a/2007/4xxx/CVE-2007-4845.json +++ b/2007/4xxx/CVE-2007-4845.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4845", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in UPLOAD/index.php in RW::Download 2.0.3 lite allow remote attackers to execute arbitrary SQL commands via the (1) dlid or (2) cid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4845", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4371", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4371" - }, - { - "name" : "25589", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25589" - }, - { - "name" : "37077", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37077" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in UPLOAD/index.php in RW::Download 2.0.3 lite allow remote attackers to execute arbitrary SQL commands via the (1) dlid or (2) cid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25589", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25589" + }, + { + "name": "4371", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4371" + }, + { + "name": "37077", + "refsource": "OSVDB", + "url": "http://osvdb.org/37077" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4993.json b/2007/4xxx/CVE-2007-4993.json index e35e58b4960..c6ba11331b5 100644 --- a/2007/4xxx/CVE-2007-4993.json +++ b/2007/4xxx/CVE-2007-4993.json @@ -1,162 +1,162 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4993", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest domain, allows local users with elevated privileges in the guest domain to execute arbitrary commands in domain 0 via a crafted grub.conf file whose contents are used in exec statements." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-4993", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071008 rPSA-2007-0210-1 xen", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/481825/100/0/threaded" - }, - { - "name" : "http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1068", - "refsource" : "CONFIRM", - "url" : "http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1068" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1752", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1752" - }, - { - "name" : "DSA-1384", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1384" - }, - { - "name" : "FEDORA-2007-2270", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00030.html" - }, - { - "name" : "FEDORA-2007-713", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00082.html" - }, - { - "name" : "FEDORA-2007-2708", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00004.html" - }, - { - "name" : "MDKSA-2007:203", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:203" - }, - { - "name" : "RHSA-2007:0323", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0323.html" - }, - { - "name" : "USN-527-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-527-1" - }, - { - "name" : "25825", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25825" - }, - { - "name" : "oval:org.mitre.oval:def:11240", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11240" - }, - { - "name" : "ADV-2007-3348", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3348" - }, - { - "name" : "26986", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26986" - }, - { - "name" : "27085", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27085" - }, - { - "name" : "27161", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27161" - }, - { - "name" : "27072", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27072" - }, - { - "name" : "27103", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27103" - }, - { - "name" : "27486", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27486" - }, - { - "name" : "27141", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27141" - }, - { - "name" : "27047", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27047" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest domain, allows local users with elevated privileges in the guest domain to execute arbitrary commands in domain 0 via a crafted grub.conf file whose contents are used in exec statements." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDKSA-2007:203", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:203" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1752", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1752" + }, + { + "name": "FEDORA-2007-2270", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00030.html" + }, + { + "name": "27047", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27047" + }, + { + "name": "26986", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26986" + }, + { + "name": "27486", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27486" + }, + { + "name": "27085", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27085" + }, + { + "name": "http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1068", + "refsource": "CONFIRM", + "url": "http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1068" + }, + { + "name": "27141", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27141" + }, + { + "name": "FEDORA-2007-2708", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00004.html" + }, + { + "name": "27103", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27103" + }, + { + "name": "20071008 rPSA-2007-0210-1 xen", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/481825/100/0/threaded" + }, + { + "name": "RHSA-2007:0323", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0323.html" + }, + { + "name": "27161", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27161" + }, + { + "name": "25825", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25825" + }, + { + "name": "27072", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27072" + }, + { + "name": "oval:org.mitre.oval:def:11240", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11240" + }, + { + "name": "FEDORA-2007-713", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00082.html" + }, + { + "name": "USN-527-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-527-1" + }, + { + "name": "DSA-1384", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1384" + }, + { + "name": "ADV-2007-3348", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3348" + } + ] + } +} \ No newline at end of file diff --git a/2014/100xxx/CVE-2014-100025.json b/2014/100xxx/CVE-2014-100025.json index 49196ca527f..7554d4233fd 100644 --- a/2014/100xxx/CVE-2014-100025.json +++ b/2014/100xxx/CVE-2014-100025.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-100025", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in index.php/user_data/insert_user in Savsoft Quiz allows remote attackers to hijack the authentication of administrators for requests that create an administrator account via a crafted request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-100025", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.com/files/125379", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/125379" - }, - { - "name" : "66287", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/66287" - }, - { - "name" : "57102", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/57102" - }, - { - "name" : "savsoft-quiz-csrf(91548)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91548" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in index.php/user_data/insert_user in Savsoft Quiz allows remote attackers to hijack the authentication of administrators for requests that create an administrator account via a crafted request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "66287", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/66287" + }, + { + "name": "http://packetstormsecurity.com/files/125379", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/125379" + }, + { + "name": "57102", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/57102" + }, + { + "name": "savsoft-quiz-csrf(91548)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91548" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2073.json b/2015/2xxx/CVE-2015-2073.json index 78bb794b7b4..3e71d2a47be 100644 --- a/2015/2xxx/CVE-2015-2073.json +++ b/2015/2xxx/CVE-2015-2073.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2073", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2073", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2122.json b/2015/2xxx/CVE-2015-2122.json index 4e6d7387843..7d46b08bac9 100644 --- a/2015/2xxx/CVE-2015-2122.json +++ b/2015/2xxx/CVE-2015-2122.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2122", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The REST layer on HP SDN VAN Controller devices 2.5 and earlier allows remote attackers to cause a denial of service via network traffic to the REST port." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "hp-security-alert@hp.com", + "ID": "CVE-2015-2122", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBGN03329", - "refsource" : "HP", - "url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04657823" - }, - { - "name" : "SSRT102049", - "refsource" : "HP", - "url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04657823" - }, - { - "name" : "74588", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74588" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The REST layer on HP SDN VAN Controller devices 2.5 and earlier allows remote attackers to cause a denial of service via network traffic to the REST port." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "74588", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74588" + }, + { + "name": "SSRT102049", + "refsource": "HP", + "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04657823" + }, + { + "name": "HPSBGN03329", + "refsource": "HP", + "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04657823" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2370.json b/2015/2xxx/CVE-2015-2370.json index 971fcf91e27..c5b5c58f7cf 100644 --- a/2015/2xxx/CVE-2015-2370.json +++ b/2015/2xxx/CVE-2015-2370.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2370", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The authentication implementation in the RPC subsystem in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not prevent DCE/RPC connection reflection, which allows local users to gain privileges via a crafted application, aka \"Windows RPC Elevation of Privilege Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2370", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "37768", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/37768/" - }, - { - "name" : "MS15-076", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-076" - }, - { - "name" : "1032907", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032907" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The authentication implementation in the RPC subsystem in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not prevent DCE/RPC connection reflection, which allows local users to gain privileges via a crafted application, aka \"Windows RPC Elevation of Privilege Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032907", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032907" + }, + { + "name": "37768", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/37768/" + }, + { + "name": "MS15-076", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-076" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3025.json b/2015/3xxx/CVE-2015-3025.json index a248f9dff6a..35c8e57a696 100644 --- a/2015/3xxx/CVE-2015-3025.json +++ b/2015/3xxx/CVE-2015-3025.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3025", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3025", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3921.json b/2015/3xxx/CVE-2015-3921.json index 5e388716bb4..3c9c141ae4f 100644 --- a/2015/3xxx/CVE-2015-3921.json +++ b/2015/3xxx/CVE-2015-3921.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3921", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in contact.php in Coppermine Photo Gallery before 1.5.36 allows remote authenticated users to inject arbitrary web script or HTML via the referer parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3921", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.com/files/132004/Coppermine-Gallery-1.5.34-XSS-Open-Redirection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/132004/Coppermine-Gallery-1.5.34-XSS-Open-Redirection.html" - }, - { - "name" : "http://forum.coppermine-gallery.net/index.php/topic,78194.0.html", - "refsource" : "CONFIRM", - "url" : "http://forum.coppermine-gallery.net/index.php/topic,78194.0.html" - }, - { - "name" : "74872", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74872" - }, - { - "name" : "1032558", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032558" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in contact.php in Coppermine Photo Gallery before 1.5.36 allows remote authenticated users to inject arbitrary web script or HTML via the referer parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/132004/Coppermine-Gallery-1.5.34-XSS-Open-Redirection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/132004/Coppermine-Gallery-1.5.34-XSS-Open-Redirection.html" + }, + { + "name": "1032558", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032558" + }, + { + "name": "74872", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74872" + }, + { + "name": "http://forum.coppermine-gallery.net/index.php/topic,78194.0.html", + "refsource": "CONFIRM", + "url": "http://forum.coppermine-gallery.net/index.php/topic,78194.0.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6067.json b/2015/6xxx/CVE-2015-6067.json index dd8dd294f1d..8fa6a40d88e 100644 --- a/2015/6xxx/CVE-2015-6067.json +++ b/2015/6xxx/CVE-2015-6067.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6067", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6067", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6519.json b/2015/6xxx/CVE-2015-6519.json index 95e1dce7311..1d9873e2d3e 100644 --- a/2015/6xxx/CVE-2015-6519.json +++ b/2015/6xxx/CVE-2015-6519.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6519", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in Arab Portal 3 allows remote attackers to execute arbitrary SQL commands via the showemail parameter in a signup action to members.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6519", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "37594", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/37594/" - }, - { - "name" : "http://packetstormsecurity.com/files/132648/Arab-Portal-3-SQL-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/132648/Arab-Portal-3-SQL-Injection.html" - }, - { - "name" : "https://youtu.be/5nFblYE90Vk", - "refsource" : "MISC", - "url" : "https://youtu.be/5nFblYE90Vk" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in Arab Portal 3 allows remote attackers to execute arbitrary SQL commands via the showemail parameter in a signup action to members.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37594", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/37594/" + }, + { + "name": "http://packetstormsecurity.com/files/132648/Arab-Portal-3-SQL-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/132648/Arab-Portal-3-SQL-Injection.html" + }, + { + "name": "https://youtu.be/5nFblYE90Vk", + "refsource": "MISC", + "url": "https://youtu.be/5nFblYE90Vk" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6527.json b/2015/6xxx/CVE-2015-6527.json index 6831fa9b37b..3ab6b871dfc 100644 --- a/2015/6xxx/CVE-2015-6527.json +++ b/2015/6xxx/CVE-2015-6527.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6527", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The php_str_replace_in_subject function in ext/standard/string.c in PHP 7.x before 7.0.0 allows remote attackers to execute arbitrary code via a crafted value in the third argument to the str_ireplace function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6527", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150730 Re: CVE Request: PHP v7 - Code execution vulnerability", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/07/30/11" - }, - { - "name" : "http://git.php.net/?p=php-src.git;a=commit;h=6aeee47b2cd47915ccfa3b41433a3f57aea24dd5", - "refsource" : "CONFIRM", - "url" : "http://git.php.net/?p=php-src.git;a=commit;h=6aeee47b2cd47915ccfa3b41433a3f57aea24dd5" - }, - { - "name" : "https://bugs.php.net/bug.php?id=70140", - "refsource" : "CONFIRM", - "url" : "https://bugs.php.net/bug.php?id=70140" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The php_str_replace_in_subject function in ext/standard/string.c in PHP 7.x before 7.0.0 allows remote attackers to execute arbitrary code via a crafted value in the third argument to the str_ireplace function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://git.php.net/?p=php-src.git;a=commit;h=6aeee47b2cd47915ccfa3b41433a3f57aea24dd5", + "refsource": "CONFIRM", + "url": "http://git.php.net/?p=php-src.git;a=commit;h=6aeee47b2cd47915ccfa3b41433a3f57aea24dd5" + }, + { + "name": "[oss-security] 20150730 Re: CVE Request: PHP v7 - Code execution vulnerability", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/07/30/11" + }, + { + "name": "https://bugs.php.net/bug.php?id=70140", + "refsource": "CONFIRM", + "url": "https://bugs.php.net/bug.php?id=70140" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6720.json b/2015/6xxx/CVE-2015-6720.json index 1af95367c4a..569aa979258 100644 --- a/2015/6xxx/CVE-2015-6720.json +++ b/2015/6xxx/CVE-2015-6720.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6720", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ANRunSharedReviewEmailStep method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-6720", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-506", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-506" - }, - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" - }, - { - "name" : "1033796", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033796" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ANRunSharedReviewEmailStep method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-506", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-506" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" + }, + { + "name": "1033796", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033796" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6941.json b/2015/6xxx/CVE-2015-6941.json index 9171b37336b..a8b4621db43 100644 --- a/2015/6xxx/CVE-2015-6941.json +++ b/2015/6xxx/CVE-2015-6941.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6941", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "win_useradd, salt-cloud and the Linode driver in salt 2015.5.x before 2015.5.6, and 2015.8.x before 2015.8.1 leak password information in debug logs." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6941", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1273066", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1273066" - }, - { - "name" : "https://docs.saltstack.com/en/latest/topics/releases/2015.5.6.html", - "refsource" : "CONFIRM", - "url" : "https://docs.saltstack.com/en/latest/topics/releases/2015.5.6.html" - }, - { - "name" : "https://docs.saltstack.com/en/latest/topics/releases/2015.8.1.html", - "refsource" : "CONFIRM", - "url" : "https://docs.saltstack.com/en/latest/topics/releases/2015.8.1.html" - }, - { - "name" : "https://github.com/twangboy/salt/commit/c0689e32154c41f59840ae10ffc5fbfa30618710", - "refsource" : "CONFIRM", - "url" : "https://github.com/twangboy/salt/commit/c0689e32154c41f59840ae10ffc5fbfa30618710" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "win_useradd, salt-cloud and the Linode driver in salt 2015.5.x before 2015.5.6, and 2015.8.x before 2015.8.1 leak password information in debug logs." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://docs.saltstack.com/en/latest/topics/releases/2015.5.6.html", + "refsource": "CONFIRM", + "url": "https://docs.saltstack.com/en/latest/topics/releases/2015.5.6.html" + }, + { + "name": "https://docs.saltstack.com/en/latest/topics/releases/2015.8.1.html", + "refsource": "CONFIRM", + "url": "https://docs.saltstack.com/en/latest/topics/releases/2015.8.1.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1273066", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273066" + }, + { + "name": "https://github.com/twangboy/salt/commit/c0689e32154c41f59840ae10ffc5fbfa30618710", + "refsource": "CONFIRM", + "url": "https://github.com/twangboy/salt/commit/c0689e32154c41f59840ae10ffc5fbfa30618710" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7036.json b/2015/7xxx/CVE-2015-7036.json index 47d889d25d5..6ef74614151 100644 --- a/2015/7xxx/CVE-2015-7036.json +++ b/2015/7xxx/CVE-2015-7036.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7036", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in the second argument." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-7036", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://zerodayinitiative.com/advisories/ZDI-15-570/", - "refsource" : "MISC", - "url" : "http://zerodayinitiative.com/advisories/ZDI-15-570/" - }, - { - "name" : "http://support.apple.com/kb/HT204941", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT204941" - }, - { - "name" : "http://support.apple.com/kb/HT204942", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT204942" - }, - { - "name" : "GLSA-201612-21", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201612-21" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in the second argument." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.apple.com/kb/HT204941", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT204941" + }, + { + "name": "http://zerodayinitiative.com/advisories/ZDI-15-570/", + "refsource": "MISC", + "url": "http://zerodayinitiative.com/advisories/ZDI-15-570/" + }, + { + "name": "http://support.apple.com/kb/HT204942", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT204942" + }, + { + "name": "GLSA-201612-21", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201612-21" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7861.json b/2015/7xxx/CVE-2015-7861.json index 05ee50c5543..cd1be295d5e 100644 --- a/2015/7xxx/CVE-2015-7861.json +++ b/2015/7xxx/CVE-2015-7861.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7861", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Persistent Accelerite Radia Client Automation (formerly HP Client Automation), possibly before 9.1, allows remote attackers to execute arbitrary code by sending unspecified commands in an environment that lacks relationship-based firewalling." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7861", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://zerodayinitiative.com/advisories/ZDI-15-364/", - "refsource" : "MISC", - "url" : "http://zerodayinitiative.com/advisories/ZDI-15-364/" - }, - { - "name" : "VU#966927", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/966927" - }, - { - "name" : "75966", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75966" - }, - { - "name" : "1033861", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033861" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Persistent Accelerite Radia Client Automation (formerly HP Client Automation), possibly before 9.1, allows remote attackers to execute arbitrary code by sending unspecified commands in an environment that lacks relationship-based firewalling." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#966927", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/966927" + }, + { + "name": "http://zerodayinitiative.com/advisories/ZDI-15-364/", + "refsource": "MISC", + "url": "http://zerodayinitiative.com/advisories/ZDI-15-364/" + }, + { + "name": "75966", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75966" + }, + { + "name": "1033861", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033861" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0225.json b/2016/0xxx/CVE-2016-0225.json index 8fb1caef7e9..7f5f0ec3980 100644 --- a/2016/0xxx/CVE-2016-0225.json +++ b/2016/0xxx/CVE-2016-0225.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0225", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.9 allows remote authenticated Commerce Accelerator administrators to obtain sensitive information via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0225", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21976623", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21976623" - }, - { - "name" : "JR54585", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1JR54585" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.9 allows remote authenticated Commerce Accelerator administrators to obtain sensitive information via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JR54585", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR54585" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21976623", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976623" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0251.json b/2016/0xxx/CVE-2016-0251.json index c757c2fd8a2..21da192985c 100644 --- a/2016/0xxx/CVE-2016-0251.json +++ b/2016/0xxx/CVE-2016-0251.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0251", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-0251", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000192.json b/2016/1000xxx/CVE-2016-1000192.json index 8b4db276b26..91dbfb2932d 100644 --- a/2016/1000xxx/CVE-2016-1000192.json +++ b/2016/1000xxx/CVE-2016-1000192.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000192", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000192", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10007.json b/2016/10xxx/CVE-2016-10007.json index caa6059c90c..cc3627d8da0 100644 --- a/2016/10xxx/CVE-2016-10007.json +++ b/2016/10xxx/CVE-2016-10007.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10007", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the \"Marketing > Forms\" screen in dotCMS before 3.7.2 and 4.x before 4.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the _EXT_FORM_HANDLER_orderBy parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10007", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://security.elarlang.eu/cve-2016-10007-and-cve-2016-10008-2-sql-injection-vulnerabilities-in-dotcms-blacklist-defence-bypass.html", - "refsource" : "MISC", - "url" : "https://security.elarlang.eu/cve-2016-10007-and-cve-2016-10008-2-sql-injection-vulnerabilities-in-dotcms-blacklist-defence-bypass.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the \"Marketing > Forms\" screen in dotCMS before 3.7.2 and 4.x before 4.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the _EXT_FORM_HANDLER_orderBy parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.elarlang.eu/cve-2016-10007-and-cve-2016-10008-2-sql-injection-vulnerabilities-in-dotcms-blacklist-defence-bypass.html", + "refsource": "MISC", + "url": "https://security.elarlang.eu/cve-2016-10007-and-cve-2016-10008-2-sql-injection-vulnerabilities-in-dotcms-blacklist-defence-bypass.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10325.json b/2016/10xxx/CVE-2016-10325.json index 4906e123cda..6765fa457b9 100644 --- a/2016/10xxx/CVE-2016-10325.json +++ b/2016/10xxx/CVE-2016-10325.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10325", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the _osip_message_to_str() function defined in osipparser2/osip_message_to_str.c, resulting in a remote DoS." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10325", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://savannah.gnu.org/support/index.php?109131", - "refsource" : "CONFIRM", - "url" : "https://savannah.gnu.org/support/index.php?109131" - }, - { - "name" : "DSA-3879", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2017/dsa-3879" - }, - { - "name" : "92921", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92921" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the _osip_message_to_str() function defined in osipparser2/osip_message_to_str.c, resulting in a remote DoS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3879", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2017/dsa-3879" + }, + { + "name": "92921", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92921" + }, + { + "name": "https://savannah.gnu.org/support/index.php?109131", + "refsource": "CONFIRM", + "url": "https://savannah.gnu.org/support/index.php?109131" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1149.json b/2016/1xxx/CVE-2016-1149.json index 9abfcf97bc0..bc82af1d586 100644 --- a/2016/1xxx/CVE-2016-1149.json +++ b/2016/1xxx/CVE-2016-1149.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1149", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7797, CVE-2015-7798, and CVE-2016-1150." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-1149", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://cs.cybozu.co.jp/2015/006072.html", - "refsource" : "CONFIRM", - "url" : "https://cs.cybozu.co.jp/2015/006072.html" - }, - { - "name" : "https://cs.cybozu.co.jp/2015/006087.html", - "refsource" : "CONFIRM", - "url" : "https://cs.cybozu.co.jp/2015/006087.html" - }, - { - "name" : "https://cs.cybozu.co.jp/2016/006107.html", - "refsource" : "CONFIRM", - "url" : "https://cs.cybozu.co.jp/2016/006107.html" - }, - { - "name" : "https://cs.cybozu.co.jp/2016/006109.html", - "refsource" : "CONFIRM", - "url" : "https://cs.cybozu.co.jp/2016/006109.html" - }, - { - "name" : "JVN#69278491", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN69278491/index.html" - }, - { - "name" : "JVNDB-2016-000026", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000026" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7797, CVE-2015-7798, and CVE-2016-1150." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2016-000026", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000026" + }, + { + "name": "https://cs.cybozu.co.jp/2015/006072.html", + "refsource": "CONFIRM", + "url": "https://cs.cybozu.co.jp/2015/006072.html" + }, + { + "name": "https://cs.cybozu.co.jp/2015/006087.html", + "refsource": "CONFIRM", + "url": "https://cs.cybozu.co.jp/2015/006087.html" + }, + { + "name": "https://cs.cybozu.co.jp/2016/006107.html", + "refsource": "CONFIRM", + "url": "https://cs.cybozu.co.jp/2016/006107.html" + }, + { + "name": "JVN#69278491", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN69278491/index.html" + }, + { + "name": "https://cs.cybozu.co.jp/2016/006109.html", + "refsource": "CONFIRM", + "url": "https://cs.cybozu.co.jp/2016/006109.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1196.json b/2016/1xxx/CVE-2016-1196.json index 2c9b1089422..958ed7c846c 100644 --- a/2016/1xxx/CVE-2016-1196.json +++ b/2016/1xxx/CVE-2016-1196.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1196", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to bypass intended access restrictions and obtain sensitive Address Book information via an API call, a different vulnerability than CVE-2015-7776." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-1196", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.cybozu.com/ja-jp/article/8970", - "refsource" : "CONFIRM", - "url" : "https://support.cybozu.com/ja-jp/article/8970" - }, - { - "name" : "JVN#33879831", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN33879831/index.html" - }, - { - "name" : "JVNDB-2016-000082", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000082" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to bypass intended access restrictions and obtain sensitive Address Book information via an API call, a different vulnerability than CVE-2015-7776." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#33879831", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN33879831/index.html" + }, + { + "name": "https://support.cybozu.com/ja-jp/article/8970", + "refsource": "CONFIRM", + "url": "https://support.cybozu.com/ja-jp/article/8970" + }, + { + "name": "JVNDB-2016-000082", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000082" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1322.json b/2016/1xxx/CVE-2016-1322.json index 27d4347101f..b41ec027904 100644 --- a/2016/1xxx/CVE-2016-1322.json +++ b/2016/1xxx/CVE-2016-1322.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1322", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The REST interface in Cisco Spark 2015-07-04 allows remote attackers to bypass intended access restrictions and create arbitrary user accounts via unspecified web requests, aka Bug ID CSCuv72584." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1322", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160210 Cisco Spark Representational State Transfer Interface Unauthorized Access Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The REST interface in Cisco Spark 2015-07-04 allows remote attackers to bypass intended access restrictions and create arbitrary user accounts via unspecified web requests, aka Bug ID CSCuv72584." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160210 Cisco Spark Representational State Transfer Interface Unauthorized Access Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp1" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1439.json b/2016/1xxx/CVE-2016-1439.json index 71801f18def..65e83b1e088 100644 --- a/2016/1xxx/CVE-2016-1439.json +++ b/2016/1xxx/CVE-2016-1439.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1439", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified Contact Center Enterprise through 10.5(2) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux59650." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1439", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160622 Cisco Unified Contact Center Enterprise Web-Based Management Interface Cross-Site Scripting Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160622-ucce" - }, - { - "name" : "1036155", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036155" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified Contact Center Enterprise through 10.5(2) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux59650." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160622 Cisco Unified Contact Center Enterprise Web-Based Management Interface Cross-Site Scripting Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160622-ucce" + }, + { + "name": "1036155", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036155" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1464.json b/2016/1xxx/CVE-2016-1464.json index f82f9088cef..4306180ce51 100644 --- a/2016/1xxx/CVE-2016-1464.json +++ b/2016/1xxx/CVE-2016-1464.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1464", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, allows remote attackers to execute arbitrary code via a crafted file, aka Bug ID CSCva09375." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1464", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40508", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40508/" - }, - { - "name" : "20160831 Cisco WebEx Meetings Player Arbitrary Code Execution Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-meetings-player" - }, - { - "name" : "92708", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92708" - }, - { - "name" : "1036712", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036712" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, allows remote attackers to execute arbitrary code via a crafted file, aka Bug ID CSCva09375." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160831 Cisco WebEx Meetings Player Arbitrary Code Execution Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-meetings-player" + }, + { + "name": "1036712", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036712" + }, + { + "name": "92708", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92708" + }, + { + "name": "40508", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40508/" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1804.json b/2016/1xxx/CVE-2016-1804.json index ce65945b40e..092e058784e 100644 --- a/2016/1xxx/CVE-2016-1804.json +++ b/2016/1xxx/CVE-2016-1804.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1804", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Multi-Touch subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-1804", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-358", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-358" - }, - { - "name" : "https://support.apple.com/HT206567", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206567" - }, - { - "name" : "APPLE-SA-2016-05-16-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" - }, - { - "name" : "90696", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90696" - }, - { - "name" : "1035895", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035895" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Multi-Touch subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-358", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-358" + }, + { + "name": "https://support.apple.com/HT206567", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206567" + }, + { + "name": "APPLE-SA-2016-05-16-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" + }, + { + "name": "90696", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90696" + }, + { + "name": "1035895", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035895" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4044.json b/2016/4xxx/CVE-2016-4044.json index 2081b22132c..c5a7a88ef30 100644 --- a/2016/4xxx/CVE-2016-4044.json +++ b/2016/4xxx/CVE-2016-4044.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4044", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4044", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4440.json b/2016/4xxx/CVE-2016-4440.json index 59036475a43..205d621d127 100644 --- a/2016/4xxx/CVE-2016-4440.json +++ b/2016/4xxx/CVE-2016-4440.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4440", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of service (host OS crash) or possibly execute arbitrary code on the host OS, via x2APIC mode." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-4440", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160520 CVE-2016-4440 Kernel: kvm: vmx: incorrect state update leading to MSR access", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/20/2" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3ce424e45411cf5a13105e0386b6ecf6eeb4f66f", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3ce424e45411cf5a13105e0386b6ecf6eeb4f66f" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1337806", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1337806" - }, - { - "name" : "https://github.com/torvalds/linux/commit/3ce424e45411cf5a13105e0386b6ecf6eeb4f66f", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/3ce424e45411cf5a13105e0386b6ecf6eeb4f66f" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of service (host OS crash) or possibly execute arbitrary code on the host OS, via x2APIC mode." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1337806", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1337806" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3ce424e45411cf5a13105e0386b6ecf6eeb4f66f", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3ce424e45411cf5a13105e0386b6ecf6eeb4f66f" + }, + { + "name": "[oss-security] 20160520 CVE-2016-4440 Kernel: kvm: vmx: incorrect state update leading to MSR access", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/20/2" + }, + { + "name": "https://github.com/torvalds/linux/commit/3ce424e45411cf5a13105e0386b6ecf6eeb4f66f", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/3ce424e45411cf5a13105e0386b6ecf6eeb4f66f" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4873.json b/2016/4xxx/CVE-2016-4873.json index 642d53f31b8..9a6a8f9e972 100644 --- a/2016/4xxx/CVE-2016-4873.json +++ b/2016/4xxx/CVE-2016-4873.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4873", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to execute unintended operations via the Project function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-4873", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.cybozu.com/ja-jp/article/9442", - "refsource" : "CONFIRM", - "url" : "https://support.cybozu.com/ja-jp/article/9442" - }, - { - "name" : "JVN#07148816", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN07148816/index.html" - }, - { - "name" : "JVNDB-2016-000189", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000189.html" - }, - { - "name" : "93461", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93461" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to execute unintended operations via the Project function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.cybozu.com/ja-jp/article/9442", + "refsource": "CONFIRM", + "url": "https://support.cybozu.com/ja-jp/article/9442" + }, + { + "name": "93461", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93461" + }, + { + "name": "JVN#07148816", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN07148816/index.html" + }, + { + "name": "JVNDB-2016-000189", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000189.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3199.json b/2019/3xxx/CVE-2019-3199.json index 1eedeedcee2..3ea3ff59202 100644 --- a/2019/3xxx/CVE-2019-3199.json +++ b/2019/3xxx/CVE-2019-3199.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3199", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3199", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3214.json b/2019/3xxx/CVE-2019-3214.json index be906ef2f5e..d04300ce149 100644 --- a/2019/3xxx/CVE-2019-3214.json +++ b/2019/3xxx/CVE-2019-3214.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3214", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3214", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3543.json b/2019/3xxx/CVE-2019-3543.json index 40f692b5884..1c60ed2838c 100644 --- a/2019/3xxx/CVE-2019-3543.json +++ b/2019/3xxx/CVE-2019-3543.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3543", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3543", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3965.json b/2019/3xxx/CVE-2019-3965.json index d1c5cd43e95..a1095318cf6 100644 --- a/2019/3xxx/CVE-2019-3965.json +++ b/2019/3xxx/CVE-2019-3965.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3965", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3965", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4608.json b/2019/4xxx/CVE-2019-4608.json index c77965946f0..581a6be69da 100644 --- a/2019/4xxx/CVE-2019-4608.json +++ b/2019/4xxx/CVE-2019-4608.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4608", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4608", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4667.json b/2019/4xxx/CVE-2019-4667.json index 61734e229f6..0715d539ec0 100644 --- a/2019/4xxx/CVE-2019-4667.json +++ b/2019/4xxx/CVE-2019-4667.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4667", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4667", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4751.json b/2019/4xxx/CVE-2019-4751.json index b406e8d5858..bdbf76af6df 100644 --- a/2019/4xxx/CVE-2019-4751.json +++ b/2019/4xxx/CVE-2019-4751.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4751", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4751", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4952.json b/2019/4xxx/CVE-2019-4952.json index 5a022b56f3c..8f2e9cc5712 100644 --- a/2019/4xxx/CVE-2019-4952.json +++ b/2019/4xxx/CVE-2019-4952.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4952", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4952", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6557.json b/2019/6xxx/CVE-2019-6557.json index 58e9b2565e3..86395dad3c7 100644 --- a/2019/6xxx/CVE-2019-6557.json +++ b/2019/6xxx/CVE-2019-6557.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "ics-cert@hq.dhs.gov", - "DATE_PUBLIC" : "2019-03-05T00:00:00", - "ID" : "CVE-2019-6557", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Moxa IKS, EDS", - "version" : { - "version_data" : [ - { - "version_value" : "IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior" - } - ] - } - } - ] - }, - "vendor_name" : "ICS-CERT" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Several buffer overflow vulnerabilities have been identified in Moxa IKS and EDS, which may allow remote code execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Buffer overflow CWE-120" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "DATE_PUBLIC": "2019-03-05T00:00:00", + "ID": "CVE-2019-6557", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Moxa IKS, EDS", + "version": { + "version_data": [ + { + "version_value": "IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior" + } + ] + } + } + ] + }, + "vendor_name": "ICS-CERT" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01" - }, - { - "name" : "107178", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/107178" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Several buffer overflow vulnerabilities have been identified in Moxa IKS and EDS, which may allow remote code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer overflow CWE-120" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01" + }, + { + "name": "107178", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/107178" + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6863.json b/2019/6xxx/CVE-2019-6863.json index 08efa8a7741..61a80c0d32b 100644 --- a/2019/6xxx/CVE-2019-6863.json +++ b/2019/6xxx/CVE-2019-6863.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6863", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6863", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7157.json b/2019/7xxx/CVE-2019-7157.json index 7bed62253ee..c486405a82c 100644 --- a/2019/7xxx/CVE-2019-7157.json +++ b/2019/7xxx/CVE-2019-7157.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7157", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7157", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7609.json b/2019/7xxx/CVE-2019-7609.json index 7f89dfeeb41..cbb1f1352a5 100644 --- a/2019/7xxx/CVE-2019-7609.json +++ b/2019/7xxx/CVE-2019-7609.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7609", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7609", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7797.json b/2019/7xxx/CVE-2019-7797.json index 1cb16c0cf93..cefaaf1025f 100644 --- a/2019/7xxx/CVE-2019-7797.json +++ b/2019/7xxx/CVE-2019-7797.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7797", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7797", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7864.json b/2019/7xxx/CVE-2019-7864.json index 8514dd2b524..f6ce6fd0ea2 100644 --- a/2019/7xxx/CVE-2019-7864.json +++ b/2019/7xxx/CVE-2019-7864.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7864", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7864", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8285.json b/2019/8xxx/CVE-2019-8285.json index b2671b4f76e..38b66cf5553 100644 --- a/2019/8xxx/CVE-2019-8285.json +++ b/2019/8xxx/CVE-2019-8285.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8285", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8285", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8338.json b/2019/8xxx/CVE-2019-8338.json index bf5ae324ca2..ab13308d7dd 100644 --- a/2019/8xxx/CVE-2019-8338.json +++ b/2019/8xxx/CVE-2019-8338.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8338", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8338", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8454.json b/2019/8xxx/CVE-2019-8454.json index e4725d8c570..07483d08ad1 100644 --- a/2019/8xxx/CVE-2019-8454.json +++ b/2019/8xxx/CVE-2019-8454.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8454", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8454", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8829.json b/2019/8xxx/CVE-2019-8829.json index ce79837daf3..643ed1054d3 100644 --- a/2019/8xxx/CVE-2019-8829.json +++ b/2019/8xxx/CVE-2019-8829.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8829", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8829", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8888.json b/2019/8xxx/CVE-2019-8888.json index 3f8e3fd68b6..a0602cf627a 100644 --- a/2019/8xxx/CVE-2019-8888.json +++ b/2019/8xxx/CVE-2019-8888.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8888", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8888", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9194.json b/2019/9xxx/CVE-2019-9194.json index 231274f7037..83ff7cae9af 100644 --- a/2019/9xxx/CVE-2019-9194.json +++ b/2019/9xxx/CVE-2019-9194.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9194", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "elFinder before 2.1.48 has a command injection vulnerability in the PHP connector." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9194", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "46481", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/46481/" - }, - { - "name" : "46539", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/46539/" - }, - { - "name" : "https://github.com/Studio-42/elFinder/blob/master/README.md", - "refsource" : "CONFIRM", - "url" : "https://github.com/Studio-42/elFinder/blob/master/README.md" - }, - { - "name" : "https://github.com/Studio-42/elFinder/compare/6884c4f...0740028", - "refsource" : "CONFIRM", - "url" : "https://github.com/Studio-42/elFinder/compare/6884c4f...0740028" - }, - { - "name" : "https://github.com/Studio-42/elFinder/releases/tag/2.1.48", - "refsource" : "CONFIRM", - "url" : "https://github.com/Studio-42/elFinder/releases/tag/2.1.48" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "elFinder before 2.1.48 has a command injection vulnerability in the PHP connector." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/Studio-42/elFinder/compare/6884c4f...0740028", + "refsource": "CONFIRM", + "url": "https://github.com/Studio-42/elFinder/compare/6884c4f...0740028" + }, + { + "name": "https://github.com/Studio-42/elFinder/releases/tag/2.1.48", + "refsource": "CONFIRM", + "url": "https://github.com/Studio-42/elFinder/releases/tag/2.1.48" + }, + { + "name": "46539", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/46539/" + }, + { + "name": "46481", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/46481/" + }, + { + "name": "https://github.com/Studio-42/elFinder/blob/master/README.md", + "refsource": "CONFIRM", + "url": "https://github.com/Studio-42/elFinder/blob/master/README.md" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9572.json b/2019/9xxx/CVE-2019-9572.json index cd2753ed4f7..0ac05219e43 100644 --- a/2019/9xxx/CVE-2019-9572.json +++ b/2019/9xxx/CVE-2019-9572.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9572", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SchoolCMS version 2.3.1 allows file upload via the theme upload feature at admin.php?m=admin&c=theme&a=upload by using the .zip extension along with the _Static substring, changing the Content-Type to application/zip, and placing PHP code after the ZIP header. This ultimately allows execution of arbitrary PHP code in Public\\Home\\1_Static.php because of mishandling in the Application\\Admin\\Controller\\ThemeController.class.php Upload() function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9572", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/PearlyNautilus/Security-Code-Review/issues/3", - "refsource" : "MISC", - "url" : "https://github.com/PearlyNautilus/Security-Code-Review/issues/3" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SchoolCMS version 2.3.1 allows file upload via the theme upload feature at admin.php?m=admin&c=theme&a=upload by using the .zip extension along with the _Static substring, changing the Content-Type to application/zip, and placing PHP code after the ZIP header. This ultimately allows execution of arbitrary PHP code in Public\\Home\\1_Static.php because of mishandling in the Application\\Admin\\Controller\\ThemeController.class.php Upload() function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/PearlyNautilus/Security-Code-Review/issues/3", + "refsource": "MISC", + "url": "https://github.com/PearlyNautilus/Security-Code-Review/issues/3" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9581.json b/2019/9xxx/CVE-2019-9581.json index 3b2a61dad28..3f833259a02 100644 --- a/2019/9xxx/CVE-2019-9581.json +++ b/2019/9xxx/CVE-2019-9581.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9581", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via the Favicon field, leading to execution of arbitrary Web/custom-favicon.php PHP code, because Presenters/Admin/ManageThemePresenter.php does not ensure an image file extension." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9581", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "46486", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/46486" - }, - { - "name" : "https://pentest.com.tr/exploits/Booked-2-7-5-Remote-Command-Execution-Metasploit.html", - "refsource" : "MISC", - "url" : "https://pentest.com.tr/exploits/Booked-2-7-5-Remote-Command-Execution-Metasploit.html" - }, - { - "name" : "https://sourceforge.net/p/phpscheduleit/source/ci/c5a86a279d888bd4362e4b4f61acedc054f99c39/", - "refsource" : "MISC", - "url" : "https://sourceforge.net/p/phpscheduleit/source/ci/c5a86a279d888bd4362e4b4f61acedc054f99c39/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via the Favicon field, leading to execution of arbitrary Web/custom-favicon.php PHP code, because Presenters/Admin/ManageThemePresenter.php does not ensure an image file extension." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://sourceforge.net/p/phpscheduleit/source/ci/c5a86a279d888bd4362e4b4f61acedc054f99c39/", + "refsource": "MISC", + "url": "https://sourceforge.net/p/phpscheduleit/source/ci/c5a86a279d888bd4362e4b4f61acedc054f99c39/" + }, + { + "name": "46486", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/46486" + }, + { + "name": "https://pentest.com.tr/exploits/Booked-2-7-5-Remote-Command-Execution-Metasploit.html", + "refsource": "MISC", + "url": "https://pentest.com.tr/exploits/Booked-2-7-5-Remote-Command-Execution-Metasploit.html" + } + ] + } +} \ No newline at end of file