admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 04:45:10 +00:00
parent 1e4dc7bede
commit f484f56d72
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
49 changed files with 4365 additions and 4365 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

270
2006/0xxx/CVE-2006-0272.json
View File

@ -1,137 +1,137 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0272", "ID": "CVE-2006-0272",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the XML Database component of Oracle Database server 9.2.0.7 and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB29. NOTE: based on mutual credits by the relevant sources, it is highly likely that this issue is a buffer overflow in the (a) DBMS_XMLSCHEMA and (b) DBMS_XMLSCHEMA_INT packages, as exploitable via long arguments to (1) XDB.DBMS_XMLSCHEMA.GENERATESCHEMA or (2) XDB.DBMS_XMLSCHEMA.GENERATESCHEMAS."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060126 [Argeniss] Oracle Database Buffer overflows vulnerabilities in public procedures of XDB.DBMS_XMLSCHEMA{_INT}", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0893.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the XML Database component of Oracle Database server 9.2.0.7 and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB29. NOTE: based on mutual credits by the relevant sources, it is highly likely that this issue is a buffer overflow in the (a) DBMS_XMLSCHEMA and (b) DBMS_XMLSCHEMA_INT packages, as exploitable via long arguments to (1) XDB.DBMS_XMLSCHEMA.GENERATESCHEMA or (2) XDB.DBMS_XMLSCHEMA.GENERATESCHEMAS."
{ }
"name" : "http://www.argeniss.com/research/ARGENISS-ADV-010601.txt", ]
"refsource" : "MISC", },
"url" : "http://www.argeniss.com/research/ARGENISS-ADV-010601.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.integrigy.com/info/IntegrigySecurityAnalysis-CPU0106.pdf", "description": [
"refsource" : "MISC", {
"url" : "http://www.integrigy.com/info/IntegrigySecurityAnalysis-CPU0106.pdf" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html" ]
}, },
{ "references": {
"name" : "http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html", "reference_data": [
"refsource" : "MISC", {
"url" : "http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html" "name": "http://www.integrigy.com/info/IntegrigySecurityAnalysis-CPU0106.pdf",
}, "refsource": "MISC",
{ "url": "http://www.integrigy.com/info/IntegrigySecurityAnalysis-CPU0106.pdf"
"name" : "TA06-018A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-018A.html" "name": "oracle-january2006-update(24321)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
"name" : "VU#545804", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/545804" "name": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html",
}, "refsource": "MISC",
{ "url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2006.html"
"name" : "VU#891644", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/891644" "name": "20060126 [Argeniss] Oracle Database Buffer overflows vulnerabilities in public procedures of XDB.DBMS_XMLSCHEMA{_INT}",
}, "refsource": "FULLDISC",
{ "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0893.html"
"name" : "16287", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16287" "name": "18493",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18493"
"name" : "ADV-2006-0243", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/0243" "name": "ADV-2006-0323",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/0323"
"name" : "ADV-2006-0323", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/0323" "name": "16287",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/16287"
"name" : "1015499", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015499" "name": "TA06-018A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA06-018A.html"
"name" : "18493", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18493" "name": "VU#545804",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/545804"
"name" : "18608", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18608" "name": "1015499",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1015499"
"name" : "oracle-january2006-update(24321)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321" "name": "ADV-2006-0243",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/0243"
"name" : "oracle-xdbdbmx-xmlschema-bo(24376)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24376" "name": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html",
} "refsource": "CONFIRM",
] "url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
} },
} {
"name": "18608",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18608"
},
{
"name": "VU#891644",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/891644"
},
{
"name": "http://www.argeniss.com/research/ARGENISS-ADV-010601.txt",
"refsource": "MISC",
"url": "http://www.argeniss.com/research/ARGENISS-ADV-010601.txt"
},
{
"name": "oracle-xdbdbmx-xmlschema-bo(24376)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24376"
}
]
}
}

730
2006/0xxx/CVE-2006-0292.json
View File

@ -1,367 +1,367 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2006-0292", "ID": "CVE-2006-0292",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via unknown attack vectors related to garbage collection."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2006/mfsa2006-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2006/mfsa2006-01.html" "lang": "eng",
}, "value": "The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via unknown attack vectors related to garbage collection."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=316885", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=316885" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-1044", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2006/dsa-1044" ]
}, },
{ "references": {
"name" : "DSA-1046", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2006/dsa-1046" "name": "MDKSA-2006:036",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:036"
"name" : "DSA-1051", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2006/dsa-1051" "name": "USN-275-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/275-1/"
"name" : "FEDORA-2006-075", },
"refsource" : "FEDORA", {
"url" : "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00005.html" "name": "RHSA-2006:0330",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html"
"name" : "FEDORA-2006-076", },
"refsource" : "FEDORA", {
"url" : "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00006.html" "name": "19902",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19902"
"name" : "FLSA-2006:180036-2", },
"refsource" : "FEDORA", {
"url" : "http://www.securityfocus.com/archive/1/425978/100/0/threaded" "name": "mozilla-javascript-memory-corruption(24430)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24430"
"name" : "FLSA:180036-1", },
"refsource" : "FEDORA", {
"url" : "http://www.securityfocus.com/archive/1/425975/100/0/threaded" "name": "MDKSA-2006:037",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:037"
"name" : "GLSA-200604-12", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" "name": "USN-276-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/276-1/"
"name" : "GLSA-200604-18", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" "name": "HPSBUX02122",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
"name" : "GLSA-200605-09", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml" "name": "19941",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19941"
"name" : "HPSBUX02122", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/438730/100/0/threaded" "name": "19780",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19780"
"name" : "SSRT061158", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/438730/100/0/threaded" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=316885",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=316885"
"name" : "HPSBUX02156", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/446657/100/200/threaded" "name": "19821",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19821"
"name" : "SSRT061236", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/446657/100/200/threaded" "name": "oval:org.mitre.oval:def:10016",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10016"
"name" : "MDKSA-2006:036", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:036" "name": "FEDORA-2006-075",
}, "refsource": "FEDORA",
{ "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00005.html"
"name" : "MDKSA-2006:078", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078" "name": "GLSA-200604-12",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
"name" : "MDKSA-2006:037", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:037" "name": "21622",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21622"
"name" : "RHSA-2006:0199", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0199.html" "name": "19862",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19862"
"name" : "RHSA-2006:0200", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0200.html" "name": "19230",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19230"
"name" : "RHSA-2006:0330", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0330.html" "name": "18704",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18704"
"name" : "SCOSA-2006.26", },
"refsource" : "SCO", {
"url" : "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
"name" : "20060201-01-U", },
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" "name": "19823",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19823"
"name" : "102550", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" "name": "DSA-1051",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2006/dsa-1051"
"name" : "228526", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" "name": "18709",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18709"
"name" : "SUSE-SA:2006:022", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2006_04_25.html" "name": "ADV-2006-3749",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/3749"
"name" : "USN-275-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/275-1/" "name": "USN-271-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/271-1/"
"name" : "USN-276-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/276-1/" "name": "18705",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18705"
"name" : "USN-271-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/271-1/" "name": "GLSA-200604-18",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
"name" : "16476", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16476" "name": "16476",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/16476"
"name" : "oval:org.mitre.oval:def:10016", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10016" "name": "ADV-2006-0413",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/0413"
"name" : "ADV-2006-0413", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/0413" "name": "1015570",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1015570"
"name" : "ADV-2006-3391", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3391" "name": "19746",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19746"
"name" : "ADV-2006-3749", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3749" "name": "21033",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21033"
"name" : "oval:org.mitre.oval:def:670", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A670" "name": "18700",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18700"
"name" : "1015570", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015570" "name": "102550",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
"name" : "18700", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18700" "name": "19759",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19759"
"name" : "18703", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18703" "name": "SSRT061236",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
"name" : "18704", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18704" "name": "RHSA-2006:0200",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2006-0200.html"
"name" : "18708", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18708" "name": "oval:org.mitre.oval:def:670",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A670"
"name" : "18709", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18709" "name": "18706",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18706"
"name" : "18705", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18705" "name": "SSRT061158",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
"name" : "18706", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18706" "name": "FEDORA-2006-076",
}, "refsource": "FEDORA",
{ "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00006.html"
"name" : "19230", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19230" "name": "MDKSA-2006:078",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078"
"name" : "19759", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19759" "name": "RHSA-2006:0199",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2006-0199.html"
"name" : "19821", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19821" "name": "20051",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/20051"
"name" : "19823", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19823" "name": "19863",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19863"
"name" : "19852", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19852" "name": "HPSBUX02156",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
"name" : "19862", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19862" "name": "FLSA-2006:180036-2",
}, "refsource": "FEDORA",
{ "url": "http://www.securityfocus.com/archive/1/425978/100/0/threaded"
"name" : "19863", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19863" "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-01.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-01.html"
"name" : "19902", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19902" "name": "20060201-01-U",
}, "refsource": "SGI",
{ "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
"name" : "19950", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19950" "name": "SCOSA-2006.26",
}, "refsource": "SCO",
{ "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
"name" : "19941", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19941" "name": "18708",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18708"
"name" : "19746", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19746" "name": "FLSA:180036-1",
}, "refsource": "FEDORA",
{ "url": "http://www.securityfocus.com/archive/1/425975/100/0/threaded"
"name" : "21033", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21033" "name": "228526",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
"name" : "21622", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21622" "name": "19852",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19852"
"name" : "19780", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19780" "name": "SUSE-SA:2006:022",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
"name" : "20051", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20051" "name": "GLSA-200605-09",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml"
"name" : "22065", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22065" "name": "ADV-2006-3391",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/3391"
"name" : "mozilla-javascript-memory-corruption(24430)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24430" "name": "18703",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/18703"
} },
} {
"name": "22065",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22065"
},
{
"name": "19950",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19950"
},
{
"name": "DSA-1046",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1046"
},
{
"name": "DSA-1044",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1044"
}
]
}
}

150
2006/0xxx/CVE-2006-0540.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0540", "ID": "CVE-2006-0540",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in Tachyon Vanilla Guestbook 1.0 beta allow remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060201 [eVuln] Vanilla Guestbook Multiple XSS & SQL Injection Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/423957/100/0/threaded" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in Tachyon Vanilla Guestbook 1.0 beta allow remote attackers to execute arbitrary SQL commands via unspecified vectors."
{ }
"name" : "http://www.evuln.com/vulns/54/summary.html", ]
"refsource" : "MISC", },
"url" : "http://www.evuln.com/vulns/54/summary.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "16464", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16464" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "vanillaguestbook-messages-sql-injection(24412)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24412" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www.evuln.com/vulns/54/summary.html",
"refsource": "MISC",
"url": "http://www.evuln.com/vulns/54/summary.html"
},
{
"name": "vanillaguestbook-messages-sql-injection(24412)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24412"
},
{
"name": "20060201 [eVuln] Vanilla Guestbook Multiple XSS & SQL Injection Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/423957/100/0/threaded"
},
{
"name": "16464",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16464"
}
]
}
}

170
2006/0xxx/CVE-2006-0879.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0879", "ID": "CVE-2006-0879",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the search tool in Noah's Classifieds 1.3 allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060222 [KAPDA::#29]Noah's classifieds multiple vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/425783/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in the search tool in Noah's Classifieds 1.3 allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors."
{ }
"name" : "http://www.kapda.ir/advisory-268.html", ]
"refsource" : "MISC", },
"url" : "http://www.kapda.ir/advisory-268.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "16773", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16773" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-0703", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/0703" ]
}, },
{ "references": {
"name" : "1015667", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015667" "name": "noahs-search-sql-injection(24896)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24896"
"name" : "noahs-search-sql-injection(24896)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24896" "name": "20060222 [KAPDA::#29]Noah's classifieds multiple vulnerabilities",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/425783/100/0/threaded"
} },
} {
"name": "1015667",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015667"
},
{
"name": "16773",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16773"
},
{
"name": "http://www.kapda.ir/advisory-268.html",
"refsource": "MISC",
"url": "http://www.kapda.ir/advisory-268.html"
},
{
"name": "ADV-2006-0703",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0703"
}
]
}
}

180
2006/3xxx/CVE-2006-3050.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3050", "ID": "CVE-2006-3050",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in detail.php in SixCMS 6.0, and other versions before 6.0.6patch2, allows remote attackers to read arbitrary files via a .. (dot dot) sequence and trailing null (%00) byte in the template parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060612 [MajorSecurity #17] SixCMS <= 6 - Multiple XSS and directory traversal vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/437047/100/0/threaded" "lang": "eng",
}, "value": "Directory traversal vulnerability in detail.php in SixCMS 6.0, and other versions before 6.0.6patch2, allows remote attackers to read arbitrary files via a .. (dot dot) sequence and trailing null (%00) byte in the template parameter."
{ }
"name" : "20060619 Re: [MajorSecurity #17] SixCMS <= 6 - Multiple XSS and directory traversal vulnerabilities", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/437639/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.majorsecurity.de/advisory/major_rls17.txt", "description": [
"refsource" : "MISC", {
"url" : "http://www.majorsecurity.de/advisory/major_rls17.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "18395", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/18395" ]
}, },
{ "references": {
"name" : "1016282", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016282" "name": "sixcms-detail-directory-traversal(27107)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27107"
"name" : "1101", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1101" "name": "18395",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/18395"
"name" : "sixcms-detail-directory-traversal(27107)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27107" "name": "http://www.majorsecurity.de/advisory/major_rls17.txt",
} "refsource": "MISC",
] "url": "http://www.majorsecurity.de/advisory/major_rls17.txt"
} },
} {
"name": "1016282",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016282"
},
{
"name": "20060619 Re: [MajorSecurity #17] SixCMS <= 6 - Multiple XSS and directory traversal vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437639/100/0/threaded"
},
{
"name": "1101",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1101"
},
{
"name": "20060612 [MajorSecurity #17] SixCMS <= 6 - Multiple XSS and directory traversal vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437047/100/0/threaded"
}
]
}
}

160
2006/3xxx/CVE-2006-3244.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3244", "ID": "CVE-2006-3244",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in Anthill 0.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) order parameter in buglist.php and the (2) bug parameter in query.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://pridels0.blogspot.com/2006/06/anthill-sql-injection-vuln.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://pridels0.blogspot.com/2006/06/anthill-sql-injection-vuln.html" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in Anthill 0.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) order parameter in buglist.php and the (2) bug parameter in query.php."
{ }
"name" : "18661", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/18661" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-2529", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/2529" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20838", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/20838" ]
}, },
{ "references": {
"name" : "anthill-buglist-query-sql-injection(27373)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27373" "name": "anthill-buglist-query-sql-injection(27373)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27373"
} },
} {
"name": "ADV-2006-2529",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2529"
},
{
"name": "18661",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18661"
},
{
"name": "20838",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20838"
},
{
"name": "http://pridels0.blogspot.com/2006/06/anthill-sql-injection-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2006/06/anthill-sql-injection-vuln.html"
}
]
}
}

150
2006/3xxx/CVE-2006-3766.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3766", "ID": "CVE-2006-3766",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Darren's $5 Script Archive osDate 1.1.7 and earlier allows users to boost their own ratings via a txtrating parameter with a score greater than the intended maximum of 10."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060717 osDate 1.1.7 multiple vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/440490/100/0/threaded" "lang": "eng",
}, "value": "Darren's $5 Script Archive osDate 1.1.7 and earlier allows users to boost their own ratings via a txtrating parameter with a score greater than the intended maximum of 10."
{ }
"name" : "20060719 Re: osDate 1.1.7 multiple vulnerabilities", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/440592/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20060813 osDate 1.1.8 - Multiple HTML Injection Vulnerability - fixed", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/443198/100/200/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1016700", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1016700" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20060813 osDate 1.1.8 - Multiple HTML Injection Vulnerability - fixed",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/443198/100/200/threaded"
},
{
"name": "1016700",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016700"
},
{
"name": "20060719 Re: osDate 1.1.7 multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440592/100/0/threaded"
},
{
"name": "20060717 osDate 1.1.7 multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440490/100/0/threaded"
}
]
}
}

610
2006/3xxx/CVE-2006-3918.json
View File

@ -1,307 +1,307 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3918", "ID": "CVE-2006-3918",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060508 Unfiltered Header Injection in Apache 1.3.34/2.0.57/2.2.1", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2006-05/0151.html" "lang": "eng",
}, "value": "http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file."
{ }
"name" : "20060724 Write-up by Amit Klein: \"Forging HTTP request headers with Flash\"", ]
"refsource" : "BUGTRAQ", },
"url" : "http://archives.neohapsis.com/archives/bugtraq/2006-07/0425.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://svn.apache.org/viewvc?view=rev&revision=394965", "description": [
"refsource" : "CONFIRM", {
"url" : "http://svn.apache.org/viewvc?view=rev&revision=394965" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-194.htm", ]
"refsource" : "CONFIRM", }
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-194.htm" ]
}, },
{ "references": {
"name" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117" "name": "20060801-01-P",
}, "refsource": "SGI",
{ "url": "ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P"
"name" : "http://kb.vmware.com/KanisaPlatform/Publishing/466/5915871_f.SAL_Public.html", },
"refsource" : "CONFIRM", {
"url" : "http://kb.vmware.com/KanisaPlatform/Publishing/466/5915871_f.SAL_Public.html" "name": "ADV-2010-1572",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/1572"
"name" : "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-2.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-2.html" "name": "http://svn.apache.org/viewvc?view=rev&revision=394965",
}, "refsource": "CONFIRM",
{ "url": "http://svn.apache.org/viewvc?view=rev&revision=394965"
"name" : "PK24631", },
"refsource" : "AIXAPAR", {
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1PK24631" "name": "28749",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28749"
"name" : "PK27875", },
"refsource" : "AIXAPAR", {
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg24013080" "name": "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-2.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-2.html"
"name" : "DSA-1167", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2006/dsa-1167" "name": "DSA-1167",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2006/dsa-1167"
"name" : "HPSBUX02465", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=125631037611762&w=2" "name": "19661",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/19661"
"name" : "SSRT090192", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=125631037611762&w=2" "name": "21744",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21744"
"name" : "HPSBUX02612", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=129190899612998&w=2" "name": "20060724 Write-up by Amit Klein: \"Forging HTTP request headers with Flash\"",
}, "refsource": "BUGTRAQ",
{ "url": "http://archives.neohapsis.com/archives/bugtraq/2006-07/0425.html"
"name" : "SSRT100345", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=129190899612998&w=2" "name": "HPSBUX02465",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=125631037611762&w=2"
"name" : "HPSBOV02683", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=130497311408250&w=2" "name": "1024144",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1024144"
"name" : "SSRT090208", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=130497311408250&w=2" "name": "22317",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22317"
"name" : "[3.9] 012: SECURITY FIX: October 7, 2006", },
"refsource" : "OPENBSD", {
"url" : "http://openbsd.org/errata.html#httpd2" "name": "22523",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22523"
"name" : "RHSA-2006:0618", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2006-0618.html" "name": "SSRT090208",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=130497311408250&w=2"
"name" : "RHSA-2006:0619", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0619.html" "name": "ADV-2006-5089",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/5089"
"name" : "RHSA-2006:0692", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2006-0692.html" "name": "ADV-2006-3264",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/3264"
"name" : "20060801-01-P", },
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P" "name": "20060508 Unfiltered Header Injection in Apache 1.3.34/2.0.57/2.2.1",
}, "refsource": "BUGTRAQ",
{ "url": "http://archives.neohapsis.com/archives/bugtraq/2006-05/0151.html"
"name" : "SUSE-SA:2006:051", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2006_51_apache.html" "name": "21598",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21598"
"name" : "SUSE-SA:2008:021", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html" "name": "21399",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21399"
"name" : "USN-575-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-575-1" "name": "SSRT090192",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=125631037611762&w=2"
"name" : "19661", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/19661" "name": "oval:org.mitre.oval:def:10352",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10352"
"name" : "oval:org.mitre.oval:def:10352", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10352" "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-194.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-194.htm"
"name" : "oval:org.mitre.oval:def:12238", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12238" "name": "21478",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21478"
"name" : "1024144", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1024144" "name": "RHSA-2006:0619",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2006-0619.html"
"name" : "40256", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40256" "name": "21986",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21986"
"name" : "ADV-2006-2963", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/2963" "name": "HPSBUX02612",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=129190899612998&w=2"
"name" : "ADV-2006-2964", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/2964" "name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117",
}, "refsource": "CONFIRM",
{ "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117"
"name" : "ADV-2006-3264", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3264" "name": "ADV-2006-4207",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/4207"
"name" : "ADV-2006-4207", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4207" "name": "HPSBOV02683",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=130497311408250&w=2"
"name" : "ADV-2006-5089", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/5089" "name": "21848",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21848"
"name" : "1016569", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016569" "name": "RHSA-2006:0618",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2006-0618.html"
"name" : "21172", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21172" "name": "PK24631",
}, "refsource": "AIXAPAR",
{ "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK24631"
"name" : "21174", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21174" "name": "SUSE-SA:2008:021",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html"
"name" : "21399", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21399" "name": "RHSA-2006:0692",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2006-0692.html"
"name" : "21478", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21478" "name": "40256",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/40256"
"name" : "21848", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21848" "name": "SUSE-SA:2006:051",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2006_51_apache.html"
"name" : "21598", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21598" "name": "ADV-2006-2963",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/2963"
"name" : "21744", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21744" "name": "21174",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21174"
"name" : "21986", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21986" "name": "SSRT100345",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=129190899612998&w=2"
"name" : "22140", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22140" "name": "USN-575-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-575-1"
"name" : "22317", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22317" "name": "oval:org.mitre.oval:def:12238",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12238"
"name" : "22523", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22523" "name": "29640",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29640"
"name" : "28749", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28749" "name": "1294",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/1294"
"name" : "29640", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29640" "name": "[3.9] 012: SECURITY FIX: October 7, 2006",
}, "refsource": "OPENBSD",
{ "url": "http://openbsd.org/errata.html#httpd2"
"name" : "1294", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1294" "name": "PK27875",
}, "refsource": "AIXAPAR",
{ "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24013080"
"name" : "ADV-2010-1572", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/1572" "name": "21172",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/21172"
} },
} {
"name": "http://kb.vmware.com/KanisaPlatform/Publishing/466/5915871_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "http://kb.vmware.com/KanisaPlatform/Publishing/466/5915871_f.SAL_Public.html"
},
{
"name": "1016569",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016569"
},
{
"name": "ADV-2006-2964",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2964"
},
{
"name": "22140",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22140"
}
]
}
}

130
2006/3xxx/CVE-2006-3964.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3964", "ID": "CVE-2006-3964",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in members.php in Banex PHP MySQL Banner Exchange 2.21 allows remote attackers to execute arbitrary PHP code via a URL in the cfg_root parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060730 Banex Multiple Vulnerabilities", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://marc.info/?l=full-disclosure&m=115423462216111&w=2" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in members.php in Banex PHP MySQL Banner Exchange 2.21 allows remote attackers to execute arbitrary PHP code via a URL in the cfg_root parameter."
{ }
"name" : "19240", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/19240" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060730 Banex Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure&m=115423462216111&w=2"
},
{
"name": "19240",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19240"
}
]
}
}

170
2006/4xxx/CVE-2006-4260.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4260", "ID": "CVE-2006-4260",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in index.php in Fotopholder 1.8 allows remote attackers to read arbitrary directories or files via a .. (dot dot) in the path parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060815 otopholder 1.8 suffers from a local file inclusion,XSS and directory listing vuln", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2006-08/0316.html" "lang": "eng",
}, "value": "Directory traversal vulnerability in index.php in Fotopholder 1.8 allows remote attackers to read arbitrary directories or files via a .. (dot dot) in the path parameter."
{ }
"name" : "28243", ]
"refsource" : "OSVDB", },
"url" : "http://www.osvdb.org/28243" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1016702", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016702" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1421", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/1421" ]
}, },
{ "references": {
"name" : "fotopholder-index-obtain-information(28399)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28399" "name": "fotopholder-index-obtain-information(28399)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28399"
"name" : "fotopholder-index-file-include(28398)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28398" "name": "1421",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/1421"
} },
} {
"name": "fotopholder-index-file-include(28398)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28398"
},
{
"name": "28243",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28243"
},
{
"name": "20060815 otopholder 1.8 suffers from a local file inclusion,XSS and directory listing vuln",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2006-08/0316.html"
},
{
"name": "1016702",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016702"
}
]
}
}

140
2006/4xxx/CVE-2006-4367.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4367", "ID": "CVE-2006-4367",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in alltopics.php in the All Topics Hack 1.5.0 and earlier for phpBB 2.0.21 allows remote attackers to execute arbitrary SQL commands via the start parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "2248", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2248" "lang": "eng",
}, "value": "SQL injection vulnerability in alltopics.php in the All Topics Hack 1.5.0 and earlier for phpBB 2.0.21 allows remote attackers to execute arbitrary SQL commands via the start parameter."
{ }
"name" : "19682", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/19682" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "phpbb-alltopics-sql-injection(28538)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28538" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "phpbb-alltopics-sql-injection(28538)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28538"
},
{
"name": "2248",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2248"
},
{
"name": "19682",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19682"
}
]
}
}

150
2010/2xxx/CVE-2010-2022.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2022", "ID": "CVE-2010-2022",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "jail.c in jail in FreeBSD 8.0 and 8.1-PRERELEASE, when the \"-l -U root\" options are omitted, does not properly restrict access to the current working directory, which might allow local users to read, modify, or create arbitrary files via standard filesystem operations."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "FreeBSD-SA-10:04", "description_data": [
"refsource" : "FREEBSD", {
"url" : "http://security.FreeBSD.org/advisories/FreeBSD-SA-10:04.jail.asc" "lang": "eng",
}, "value": "jail.c in jail in FreeBSD 8.0 and 8.1-PRERELEASE, when the \"-l -U root\" options are omitted, does not properly restrict access to the current working directory, which might allow local users to read, modify, or create arbitrary files via standard filesystem operations."
{ }
"name" : "40399", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/40399" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1024038", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1024038" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2010-1247", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2010/1247" ]
} },
] "references": {
} "reference_data": [
} {
"name": "ADV-2010-1247",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1247"
},
{
"name": "FreeBSD-SA-10:04",
"refsource": "FREEBSD",
"url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-10:04.jail.asc"
},
{
"name": "40399",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40399"
},
{
"name": "1024038",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024038"
}
]
}
}

160
2010/2xxx/CVE-2010-2048.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2048", "ID": "CVE-2010-2048",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the Heartbeat module 6.x before 6.x-4.9 for Drupal allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://drupal.org/node/802508", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://drupal.org/node/802508" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Heartbeat module 6.x before 6.x-4.9 for Drupal allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "http://drupal.org/node/803570", ]
"refsource" : "CONFIRM", },
"url" : "http://drupal.org/node/803570" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "40268", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/40268" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "39893", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/39893" ]
}, },
{ "references": {
"name" : "heartbeat-unspecified-xss(58702)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58702" "name": "heartbeat-unspecified-xss(58702)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58702"
} },
} {
"name": "http://drupal.org/node/803570",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/803570"
},
{
"name": "http://drupal.org/node/802508",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/802508"
},
{
"name": "39893",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39893"
},
{
"name": "40268",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40268"
}
]
}
}

190
2010/2xxx/CVE-2010-2244.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-2244", "ID": "CVE-2010-2244",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNS packet with an invalid checksum followed by a DNS packet with a valid checksum, a different vulnerability than CVE-2008-5081."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20100623 CVE Request: avahi DoS", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2010/06/23/4" "lang": "eng",
}, "value": "The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNS packet with an invalid checksum followed by a DNS packet with a valid checksum, a different vulnerability than CVE-2008-5081."
{ }
"name" : "[oss-security] 20100625 Re: CVE Request: avahi DoS", ]
"refsource" : "MLIST", },
"url" : "http://marc.info/?l=oss-security&m=127748459505200&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=607293", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=607293" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-2086", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2010/dsa-2086" ]
}, },
{ "references": {
"name" : "FEDORA-2010-10581", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043820.html" "name": "[oss-security] 20100625 Re: CVE Request: avahi DoS",
}, "refsource": "MLIST",
{ "url": "http://marc.info/?l=oss-security&m=127748459505200&w=2"
"name" : "FEDORA-2010-10584", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043800.html" "name": "[oss-security] 20100623 CVE Request: avahi DoS",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2010/06/23/4"
"name" : "MDVSA-2010:204", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:204" "name": "FEDORA-2010-10584",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043800.html"
"name" : "1024200", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1024200" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=607293",
} "refsource": "CONFIRM",
] "url": "https://bugzilla.redhat.com/show_bug.cgi?id=607293"
} },
} {
"name": "MDVSA-2010:204",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:204"
},
{
"name": "1024200",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024200"
},
{
"name": "DSA-2086",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2086"
},
{
"name": "FEDORA-2010-10581",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043820.html"
}
]
}
}

140
2010/2xxx/CVE-2010-2505.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2505", "ID": "CVE-2010-2505",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Soft SaschArt SasCAM Webcam Server 2.6.5, 2.7, and earlier allows remote attackers to cause a denial of service (crash) via a large number of requests with a long line, as demonstrated using a long GET request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "13888", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/13888" "lang": "eng",
}, "value": "Soft SaschArt SasCAM Webcam Server 2.6.5, 2.7, and earlier allows remote attackers to cause a denial of service (crash) via a large number of requests with a long line, as demonstrated using a long GET request."
{ }
"name" : "65544", ]
"refsource" : "OSVDB", },
"url" : "http://www.osvdb.org/65544" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "40214", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40214" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "13888",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/13888"
},
{
"name": "40214",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40214"
},
{
"name": "65544",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/65544"
}
]
}
}

150
2010/2xxx/CVE-2010-2627.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2627", "ID": "CVE-2010-2627",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple directory traversal vulnerabilities in the Refractor 2 engine, as used in Battlefield 2 1.50 (1.5.3153-802.0) and earlier, and Battlefield 2142 (1.10.48.0) and earlier, allow remote servers to overwrite arbitrary files on the client via \"..\\\" (dot dot backslash) sequences in URLs for the (1) sponsor or (2) community logos, and other URLs related to (3) DemoDownloadURL, (4) DemoIndexURL and (5) CustomMapsURL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://aluigi.altervista.org/adv/bf2urlz-adv.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://aluigi.altervista.org/adv/bf2urlz-adv.txt" "lang": "eng",
}, "value": "Multiple directory traversal vulnerabilities in the Refractor 2 engine, as used in Battlefield 2 1.50 (1.5.3153-802.0) and earlier, and Battlefield 2142 (1.10.48.0) and earlier, allow remote servers to overwrite arbitrary files on the client via \"..\\\" (dot dot backslash) sequences in URLs for the (1) sponsor or (2) community logos, and other URLs related to (3) DemoDownloadURL, (4) DemoIndexURL and (5) CustomMapsURL."
{ }
"name" : "41262", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/41262" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "65863", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/65863" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "40334", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/40334" ]
} },
] "references": {
} "reference_data": [
} {
"name": "40334",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40334"
},
{
"name": "65863",
"refsource": "OSVDB",
"url": "http://osvdb.org/65863"
},
{
"name": "41262",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/41262"
},
{
"name": "http://aluigi.altervista.org/adv/bf2urlz-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/bf2urlz-adv.txt"
}
]
}
}

160
2010/2xxx/CVE-2010-2668.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2668", "ID": "CVE-2010-2668",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Adaptive Micro Systems ALPHA Ethernet Adapter II Web-Manager 3.40.2 allows remote attackers to bypass authentication and read or write configuration files via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20100701 DDIVRT-2010-29 ALPHA Ethernet Adapter II Web-Manager 3.40.2 Authentication Bypass", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/512132/100/0/threaded" "lang": "eng",
}, "value": "Unspecified vulnerability in Adaptive Micro Systems ALPHA Ethernet Adapter II Web-Manager 3.40.2 allows remote attackers to bypass authentication and read or write configuration files via unknown vectors."
{ }
"name" : "20100701 DDIVRT-2010-29 ALPHA Ethernet Adapter II Web-Manager 3.40.2 Authentication Bypass", ]
"refsource" : "FULLDISC", },
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2010-07/0010.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "41288", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/41288" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "66015", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/66015" ]
}, },
{ "references": {
"name" : "40369", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40369" "name": "20100701 DDIVRT-2010-29 ALPHA Ethernet Adapter II Web-Manager 3.40.2 Authentication Bypass",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/512132/100/0/threaded"
} },
} {
"name": "66015",
"refsource": "OSVDB",
"url": "http://osvdb.org/66015"
},
{
"name": "40369",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40369"
},
{
"name": "20100701 DDIVRT-2010-29 ALPHA Ethernet Adapter II Web-Manager 3.40.2 Authentication Bypass",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-07/0010.html"
},
{
"name": "41288",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/41288"
}
]
}
}

390
2010/3xxx/CVE-2010-3567.json
View File

@ -1,197 +1,197 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2010-3567", "ID": "CVE-2010-3567",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to a calculation error in right-to-left text character counts for the ICU OpenType font rendering implementation, which triggers an out-of-bounds memory access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/516397/100/0/threaded" "lang": "eng",
}, "value": "Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to a calculation error in right-to-left text character counts for the ICU OpenType font rendering implementation, which triggers an out-of-bounds memory access."
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.avaya.com/css/P8/documents/100114315", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/css/P8/documents/100114315" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://support.avaya.com/css/P8/documents/100114327", ]
"refsource" : "CONFIRM", }
"url" : "http://support.avaya.com/css/P8/documents/100114327" ]
}, },
{ "references": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=642197", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=642197" "name": "http://support.avaya.com/css/P8/documents/100114327",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/css/P8/documents/100114327"
"name" : "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html" "name": "RHSA-2010:0865",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2010-0865.html"
"name" : "http://support.avaya.com/css/P8/documents/100123193", },
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/css/P8/documents/100123193" "name": "oval:org.mitre.oval:def:11714",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11714"
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html" "name": "http://support.avaya.com/css/P8/documents/100114315",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/css/P8/documents/100114315"
"name" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" "name": "GLSA-201406-32",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
"name" : "FEDORA-2010-16240", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html" "name": "HPSBMU02799",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2"
"name" : "FEDORA-2010-16294", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html" "name": "RHSA-2010:0770",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2010-0770.html"
"name" : "FEDORA-2010-16312", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html" "name": "SSRT100333",
}, "refsource": "HP",
{ "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748"
"name" : "GLSA-201406-32", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" "name": "43992",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/43992"
"name" : "HPSBUX02608", },
"refsource" : "HP", {
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748" "name": "RHSA-2010:0768",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2010-0768.html"
"name" : "SSRT100333", },
"refsource" : "HP", {
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748" "name": "FEDORA-2010-16240",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html"
"name" : "HPSBMU02799", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=134254866602253&w=2" "name": "oval:org.mitre.oval:def:12153",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12153"
"name" : "RHSA-2010:0770", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0770.html" "name": "USN-1010-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1010-1"
"name" : "RHSA-2010:0768", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0768.html" "name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html"
"name" : "RHSA-2010:0865", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0865.html" "name": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html"
"name" : "SUSE-SR:2010:019", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" "name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
"name" : "USN-1010-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1010-1" "name": "42974",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42974"
"name" : "43992", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/43992" "name": "41972",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/41972"
"name" : "oval:org.mitre.oval:def:11714", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11714" "name": "ADV-2010-3086",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/3086"
"name" : "oval:org.mitre.oval:def:12153", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12153" "name": "HPSBUX02608",
}, "refsource": "HP",
{ "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748"
"name" : "41972", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/41972" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=642197",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=642197"
"name" : "42377", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42377" "name": "http://support.avaya.com/css/P8/documents/100123193",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/css/P8/documents/100123193"
"name" : "42974", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42974" "name": "42377",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42377"
"name" : "ADV-2010-3086", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/3086" "name": "SUSE-SR:2010:019",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
} },
} {
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
},
{
"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name": "FEDORA-2010-16312",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html"
},
{
"name": "FEDORA-2010-16294",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html"
}
]
}
}

34
2010/3xxx/CVE-2010-3670.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-3670", "ID": "CVE-2010-3670",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

260
2010/3xxx/CVE-2010-3848.json
View File

@ -1,132 +1,132 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-3848", "ID": "CVE-2010-3848",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20101129 kernel: Multiple vulnerabilities in AF_ECONET", "description_data": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2010/11/30/1" "lang": "eng",
}, "value": "Stack-based buffer overflow in the econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures."
{ }
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a27e13d370415add3487949c60810e36069a23a6", ]
"refsource" : "CONFIRM", },
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a27e13d370415add3487949c60810e36069a23a6" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=644156", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=644156" ]
}, },
{ "references": {
"name" : "DSA-2126", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2010/dsa-2126" "name": "43056",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/43056"
"name" : "MDVSA-2010:257", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:257" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=644156",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=644156"
"name" : "SUSE-SA:2011:005", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html" "name": "SUSE-SA:2011:007",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"
"name" : "SUSE-SA:2011:007", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html" "name": "[oss-security] 20101129 kernel: Multiple vulnerabilities in AF_ECONET",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2010/11/30/1"
"name" : "SUSE-SA:2011:008", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html" "name": "ADV-2011-0298",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0298"
"name" : "USN-1023-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1023-1" "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a27e13d370415add3487949c60810e36069a23a6",
}, "refsource": "CONFIRM",
{ "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a27e13d370415add3487949c60810e36069a23a6"
"name" : "43056", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43056" "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2",
}, "refsource": "CONFIRM",
{ "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2"
"name" : "43291", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43291" "name": "MDVSA-2010:257",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:257"
"name" : "ADV-2011-0213", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0213" "name": "SUSE-SA:2011:005",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html"
"name" : "ADV-2011-0298", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0298" "name": "ADV-2011-0375",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0375"
"name" : "ADV-2011-0375", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0375" "name": "USN-1023-1",
} "refsource": "UBUNTU",
] "url": "http://www.ubuntu.com/usn/USN-1023-1"
} },
} {
"name": "SUSE-SA:2011:008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html"
},
{
"name": "43291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43291"
},
{
"name": "ADV-2011-0213",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0213"
},
{
"name": "DSA-2126",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2126"
}
]
}
}

150
2010/3xxx/CVE-2010-3939.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2010-3939", "ID": "CVE-2010-3939",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via vectors related to improper memory allocation for copies from user mode, aka \"Win32k Buffer Overflow Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS10-098", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-098" "lang": "eng",
}, "value": "Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via vectors related to improper memory allocation for copies from user mode, aka \"Win32k Buffer Overflow Vulnerability.\""
{ }
"name" : "TA10-348A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-348A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:12252", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12252" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1024880", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id?1024880" ]
} },
] "references": {
} "reference_data": [
} {
"name": "TA10-348A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-348A.html"
},
{
"name": "MS10-098",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-098"
},
{
"name": "1024880",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024880"
},
{
"name": "oval:org.mitre.oval:def:12252",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12252"
}
]
}
}

34
2011/0xxx/CVE-2011-0327.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-0327", "ID": "CVE-2011-0327",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

180
2011/0xxx/CVE-2011-0890.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "hp-security-alert@hp.com",
"ID" : "CVE-2011-0890", "ID": "CVE-2011-0890",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "HP Discovery & Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, 7.61, 7.70, and 9.30 launches the Windows SNMP service with its default configuration, which allows remote attackers to obtain potentially sensitive information or have unspecified other impact by leveraging the public read community."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "HPSBMA02647", "description_data": [
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=130082163516878&w=2" "lang": "eng",
}, "value": "HP Discovery & Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, 7.61, 7.70, and 9.30 launches the Windows SNMP service with its default configuration, which allows remote attackers to obtain potentially sensitive information or have unspecified other impact by leveraging the public read community."
{ }
"name" : "SSRT100383", ]
"refsource" : "HP", },
"url" : "http://marc.info/?l=bugtraq&m=130082163516878&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "46981", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/46981" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1025239", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1025239" ]
}, },
{ "references": {
"name" : "8163", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/8163" "name": "hp-discovery-snmp-info-disclosure(66242)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66242"
"name" : "ADV-2011-0755", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0755" "name": "1025239",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1025239"
"name" : "hp-discovery-snmp-info-disclosure(66242)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/66242" "name": "8163",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/8163"
} },
} {
"name": "SSRT100383",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=130082163516878&w=2"
},
{
"name": "HPSBMA02647",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=130082163516878&w=2"
},
{
"name": "ADV-2011-0755",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0755"
},
{
"name": "46981",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46981"
}
]
}
}

450
2011/1xxx/CVE-2011-1550.json
View File

@ -1,227 +1,227 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-1550", "ID": "CVE-2011-1550",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The default configuration of logrotate on SUSE openSUSE Factory uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated by directories for the (1) cobbler, (2) inn, (3) safte-monitor, and (4) uucp packages."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20110304 CVE Request -- logrotate -- nine issues", "description_data": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/04/16" "lang": "eng",
}, "value": "The default configuration of logrotate on SUSE openSUSE Factory uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated by directories for the (1) cobbler, (2) inn, (3) safte-monitor, and (4) uucp packages."
{ }
"name" : "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues", ]
"refsource" : "MLIST", },
"url" : "http://openwall.com/lists/oss-security/2011/03/04/17" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues", "description": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/04/18" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues", ]
"refsource" : "MLIST", }
"url" : "http://openwall.com/lists/oss-security/2011/03/04/19" ]
}, },
{ "references": {
"name" : "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues", "reference_data": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/04/22" "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/04/19"
"name" : "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/04/24" "name": "[oss-security] 20110304 CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/04/16"
"name" : "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/04/25" "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/04/25"
"name" : "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/04/26" "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/04/30"
"name" : "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/04/27" "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/04/26"
"name" : "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/04/28" "name": "[oss-security] 20110310 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/10/3"
"name" : "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/04/29" "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/04/28"
"name" : "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/04/30" "name": "[oss-security] 20110308 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/08/5"
"name" : "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/04/31" "name": "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/07/5"
"name" : "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/04/32" "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/04/31"
"name" : "[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/04/33" "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/04/17"
"name" : "[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/05/4" "name": "[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/10/6"
"name" : "[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/05/6" "name": "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/06/3"
"name" : "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/05/8" "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/04/29"
"name" : "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/06/3" "name": "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/07/6"
"name" : "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/06/4" "name": "[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/05/6"
"name" : "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/06/5" "name": "[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/05/4"
"name" : "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/06/6" "name": "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/07/11"
"name" : "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/07/5" "name": "[oss-security] 20110323 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/23/11"
"name" : "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/07/6" "name": "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/06/5"
"name" : "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/07/11" "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/04/18"
"name" : "[oss-security] 20110308 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/08/5" "name": "[oss-security] 20110310 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/10/2"
"name" : "[oss-security] 20110310 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/10/2" "name": "[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/11/3"
"name" : "[oss-security] 20110310 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/10/3" "name": "[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/10/7"
"name" : "[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/10/6" "name": "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/05/8"
"name" : "[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/10/7" "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/04/22"
"name" : "[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/11/3" "name": "[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/11/5"
"name" : "[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/11/5" "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/04/27"
"name" : "[oss-security] 20110314 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/14/26" "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/03/04/32"
"name" : "[oss-security] 20110323 Re: CVE Request -- logrotate -- nine issues", },
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/03/23/11" "name": "[oss-security] 20110314 Re: CVE Request -- logrotate -- nine issues",
} "refsource": "MLIST",
] "url": "http://openwall.com/lists/oss-security/2011/03/14/26"
} },
} {
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/24"
},
{
"name": "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/06/4"
},
{
"name": "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/06/6"
},
{
"name": "[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/33"
}
]
}
}

190
2011/1xxx/CVE-2011-1734.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "hp-security-alert@hp.com",
"ID" : "CVE-2011-1734", "ID": "CVE-2011-1734",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed omniiaputil message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20110429 ZDI-11-150: HP Data Protector Backup Client Service omniiaputil Message Processing Remote Code Execution Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/517770/100/0/threaded" "lang": "eng",
}, "value": "Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed omniiaputil message."
{ }
"name" : "http://zerodayinitiative.com/advisories/ZDI-11-150/", ]
"refsource" : "MISC", },
"url" : "http://zerodayinitiative.com/advisories/ZDI-11-150/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "HPSBMA02668", "description": [
"refsource" : "HP", {
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02810240" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SSRT100474", ]
"refsource" : "HP", }
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02810240" ]
}, },
{ "references": {
"name" : "47638", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/47638" "name": "20110429 ZDI-11-150: HP Data Protector Backup Client Service omniiaputil Message Processing Remote Code Execution Vulnerability",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/517770/100/0/threaded"
"name" : "72193", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/72193" "name": "http://zerodayinitiative.com/advisories/ZDI-11-150/",
}, "refsource": "MISC",
{ "url": "http://zerodayinitiative.com/advisories/ZDI-11-150/"
"name" : "1025454", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1025454" "name": "47638",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/47638"
"name" : "44402", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/44402" "name": "HPSBMA02668",
} "refsource": "HP",
] "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02810240"
} },
} {
"name": "SSRT100474",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02810240"
},
{
"name": "44402",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44402"
},
{
"name": "1025454",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025454"
},
{
"name": "72193",
"refsource": "OSVDB",
"url": "http://osvdb.org/72193"
}
]
}
}

34
2014/3xxx/CVE-2014-3067.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-3067", "ID": "CVE-2014-3067",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

250
2014/3xxx/CVE-2014-3192.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2014-3192", "ID": "CVE-2014-3192",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html" "lang": "eng",
}, "value": "Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors."
{ }
"name" : "https://crbug.com/403276", ]
"refsource" : "CONFIRM", },
"url" : "https://crbug.com/403276" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://src.chromium.org/viewvc/blink?revision=182309&view=revision", "description": [
"refsource" : "CONFIRM", {
"url" : "https://src.chromium.org/viewvc/blink?revision=182309&view=revision" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://support.apple.com/HT204243", ]
"refsource" : "CONFIRM", }
"url" : "http://support.apple.com/HT204243" ]
}, },
{ "references": {
"name" : "http://support.apple.com/HT204245", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/HT204245" "name": "1031647",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1031647"
"name" : "http://support.apple.com/HT204246", },
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/HT204246" "name": "http://support.apple.com/HT204245",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/HT204245"
"name" : "https://support.apple.com/kb/HT204949", },
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/kb/HT204949" "name": "RHSA-2014:1626",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-1626.html"
"name" : "APPLE-SA-2015-01-27-1", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html" "name": "http://support.apple.com/HT204246",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/HT204246"
"name" : "APPLE-SA-2015-01-27-2", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html" "name": "APPLE-SA-2015-06-30-6",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html"
"name" : "APPLE-SA-2015-01-27-3", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00002.html" "name": "https://src.chromium.org/viewvc/blink?revision=182309&view=revision",
}, "refsource": "CONFIRM",
{ "url": "https://src.chromium.org/viewvc/blink?revision=182309&view=revision"
"name" : "APPLE-SA-2015-06-30-6", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html" "name": "http://support.apple.com/HT204243",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/HT204243"
"name" : "RHSA-2014:1626", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1626.html" "name": "APPLE-SA-2015-01-27-2",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html"
"name" : "70273", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/70273" "name": "APPLE-SA-2015-01-27-3",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00002.html"
"name" : "1031647", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031647" "name": "https://support.apple.com/kb/HT204949",
} "refsource": "CONFIRM",
] "url": "https://support.apple.com/kb/HT204949"
} },
} {
"name": "APPLE-SA-2015-01-27-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html"
},
{
"name": "70273",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70273"
},
{
"name": "https://crbug.com/403276",
"refsource": "CONFIRM",
"url": "https://crbug.com/403276"
},
{
"name": "http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html"
}
]
}
}

130
2014/3xxx/CVE-2014-3674.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-3674", "ID": "CVE-2014-3674",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Red Hat OpenShift Enterprise before 2.2 does not properly restrict access to gears, which allows remote attackers to access the network resources of arbitrary gears via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "RHSA-2014:1796", "description_data": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1796.html" "lang": "eng",
}, "value": "Red Hat OpenShift Enterprise before 2.2 does not properly restrict access to gears, which allows remote attackers to access the network resources of arbitrary gears via unspecified vectors."
{ }
"name" : "RHSA-2014:1906", ]
"refsource" : "REDHAT", },
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1906.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:1906",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1906.html"
},
{
"name": "RHSA-2014:1796",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1796.html"
}
]
}
}

130
2014/3xxx/CVE-2014-3706.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-3706", "ID": "CVE-2014-3706",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ovirt-engine, as used in Red Hat MRG 3, allows man-in-the-middle attackers to spoof servers by leveraging failure to verify key attributes in vdsm X.509 certificates."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1154977", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1154977" "lang": "eng",
}, "value": "ovirt-engine, as used in Red Hat MRG 3, allows man-in-the-middle attackers to spoof servers by leveraging failure to verify key attributes in vdsm X.509 certificates."
{ }
"name" : "101507", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/101507" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101507",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101507"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1154977",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154977"
}
]
}
}

34
2014/3xxx/CVE-2014-3729.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-3729", "ID": "CVE-2014-3729",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2014/7xxx/CVE-2014-7455.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-7455", "ID": "CVE-2014-7455",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Zoella Unofficial (aka com.automon.ay.zoella) application 1.4.0.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Zoella Unofficial (aka com.automon.ay.zoella) application 1.4.0.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#582497", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/582497" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#692673", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/692673" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#692673",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/692673"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

140
2014/7xxx/CVE-2014-7702.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-7702", "ID": "CVE-2014-7702",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ahtty (aka com.crevation.babylon.ahtty) application 1.97.16 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The ahtty (aka com.crevation.babylon.ahtty) application 1.97.16 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#367865", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/367865" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#582497", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/582497" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#367865",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/367865"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

120
2014/7xxx/CVE-2014-7983.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-7983", "ID": "CVE-2014-7983",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in com_contact in Joomla! CMS 3.1.2 through 3.2.x before 3.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://developer.joomla.org/security/579-20140302-core-xss-vulnerability.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://developer.joomla.org/security/579-20140302-core-xss-vulnerability.html" "lang": "eng",
} "value": "Cross-site scripting (XSS) vulnerability in com_contact in Joomla! CMS 3.1.2 through 3.2.x before 3.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://developer.joomla.org/security/579-20140302-core-xss-vulnerability.html",
"refsource": "CONFIRM",
"url": "http://developer.joomla.org/security/579-20140302-core-xss-vulnerability.html"
}
]
}
}

140
2014/8xxx/CVE-2014-8536.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8536", "ID": "CVE-2014-8536",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading unspecified error messages."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10044", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10044" "lang": "eng",
}, "value": "McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading unspecified error messages."
{ }
"name" : "70840", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/70840" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "mcafee-ndlp-cve20148536-info-disc(98427)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/98427" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10044",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10044"
},
{
"name": "70840",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70840"
},
{
"name": "mcafee-ndlp-cve20148536-info-disc(98427)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98427"
}
]
}
}

190
2014/8xxx/CVE-2014-8602.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8602", "ID": "CVE-2014-8602",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a large or infinite number of referrals."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://unbound.net/downloads/patch_cve_2014_8602.diff", "description_data": [
"refsource" : "MISC", {
"url" : "http://unbound.net/downloads/patch_cve_2014_8602.diff" "lang": "eng",
}, "value": "iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a large or infinite number of referrals."
{ }
"name" : "http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html", ]
"refsource" : "MISC", },
"url" : "http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://unbound.net/downloads/CVE-2014-8602.txt", "description": [
"refsource" : "CONFIRM", {
"url" : "https://unbound.net/downloads/CVE-2014-8602.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" ]
}, },
{ "references": {
"name" : "DSA-3097", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2014/dsa-3097" "name": "71589",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/71589"
"name" : "USN-2484-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2484-1" "name": "http://unbound.net/downloads/patch_cve_2014_8602.diff",
}, "refsource": "MISC",
{ "url": "http://unbound.net/downloads/patch_cve_2014_8602.diff"
"name" : "VU#264212", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/264212" "name": "http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html",
}, "refsource": "MISC",
{ "url": "http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html"
"name" : "71589", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/71589" "name": "DSA-3097",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2014/dsa-3097"
} },
} {
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "VU#264212",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/264212"
},
{
"name": "https://unbound.net/downloads/CVE-2014-8602.txt",
"refsource": "CONFIRM",
"url": "https://unbound.net/downloads/CVE-2014-8602.txt"
},
{
"name": "USN-2484-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2484-1"
}
]
}
}

140
2014/8xxx/CVE-2014-8627.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@suse.com",
"ID" : "CVE-2014-8627", "ID": "CVE-2014-8627",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PolarSSL 1.3.8 does not properly negotiate the signature algorithm to use, which allows remote attackers to conduct downgrade attacks via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://polarssl.org/tech-updates/releases/polarssl-1.3.9-released", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://polarssl.org/tech-updates/releases/polarssl-1.3.9-released" "lang": "eng",
}, "value": "PolarSSL 1.3.8 does not properly negotiate the signature algorithm to use, which allows remote attackers to conduct downgrade attacks via unspecified vectors."
{ }
"name" : "openSUSE-SU-2014:1457", ]
"refsource" : "SUSE", },
"url" : "http://lists.opensuse.org/opensuse-updates/2014-11/msg00079.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "61220", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/61220" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2014:1457",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00079.html"
},
{
"name": "https://polarssl.org/tech-updates/releases/polarssl-1.3.9-released",
"refsource": "CONFIRM",
"url": "https://polarssl.org/tech-updates/releases/polarssl-1.3.9-released"
},
{
"name": "61220",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61220"
}
]
}
}

180
2014/8xxx/CVE-2014-8727.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8727", "ID": "CVE-2014-8727",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple directory traversal vulnerabilities in F5 BIG-IP before 10.2.2 allow local users with the \"Resource Administrator\" or \"Administrator\" role to enumerate and delete arbitrary files via a .. (dot dot) in the name parameter to (1) tmui/Control/jspmap/tmui/system/archive/properties.jsp or (2) tmui/Control/form."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "35222", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/35222" "lang": "eng",
}, "value": "Multiple directory traversal vulnerabilities in F5 BIG-IP before 10.2.2 allow local users with the \"Resource Administrator\" or \"Administrator\" role to enumerate and delete arbitrary files via a .. (dot dot) in the name parameter to (1) tmui/Control/jspmap/tmui/system/archive/properties.jsp or (2) tmui/Control/form."
{ }
"name" : "http://packetstormsecurity.com/files/129084/F5-BIG-IP-10.1.0-Directory-Traversal.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/129084/F5-BIG-IP-10.1.0-Directory-Traversal.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.f5.com/kb/en-us/products/big-ip_ltm/releasenotes/product/relnote_11_0_0_ltm.html", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.f5.com/kb/en-us/products/big-ip_ltm/releasenotes/product/relnote_11_0_0_ltm.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://support.f5.com/kb/en-us/solutions/public/13000/100/sol13109.html", ]
"refsource" : "CONFIRM", }
"url" : "https://support.f5.com/kb/en-us/solutions/public/13000/100/sol13109.html" ]
}, },
{ "references": {
"name" : "71063", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/71063" "name": "1031216",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1031216"
"name" : "1031216", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031216" "name": "http://packetstormsecurity.com/files/129084/F5-BIG-IP-10.1.0-Directory-Traversal.html",
}, "refsource": "MISC",
{ "url": "http://packetstormsecurity.com/files/129084/F5-BIG-IP-10.1.0-Directory-Traversal.html"
"name" : "f5-bigip-cve20148727-dir-trav(98676)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/98676" "name": "f5-bigip-cve20148727-dir-trav(98676)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98676"
} },
} {
"name": "71063",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71063"
},
{
"name": "35222",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/35222"
},
{
"name": "https://support.f5.com/kb/en-us/products/big-ip_ltm/releasenotes/product/relnote_11_0_0_ltm.html",
"refsource": "CONFIRM",
"url": "https://support.f5.com/kb/en-us/products/big-ip_ltm/releasenotes/product/relnote_11_0_0_ltm.html"
},
{
"name": "https://support.f5.com/kb/en-us/solutions/public/13000/100/sol13109.html",
"refsource": "CONFIRM",
"url": "https://support.f5.com/kb/en-us/solutions/public/13000/100/sol13109.html"
}
]
}
}

34
2014/9xxx/CVE-2014-9625.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9625", "ID": "CVE-2014-9625",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

190
2016/2xxx/CVE-2016-2313.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@suse.com",
"ID" : "CVE-2016-2313", "ID": "CVE-2016-2313",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "auth_login.php in Cacti before 0.8.8g allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://bugs.cacti.net/view.php?id=2656", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://bugs.cacti.net/view.php?id=2656" "lang": "eng",
}, "value": "auth_login.php in Cacti before 0.8.8g allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database."
{ }
"name" : "http://www.cacti.net/release_notes_0_8_8g.php", ]
"refsource" : "CONFIRM", },
"url" : "http://www.cacti.net/release_notes_0_8_8g.php" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201607-05", "description": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201607-05" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201711-10", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201711-10" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2016:0437", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00077.html" "name": "GLSA-201607-05",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201607-05"
"name" : "openSUSE-SU-2016:0438", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00078.html" "name": "1037745",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1037745"
"name" : "openSUSE-SU-2016:0440", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00080.html" "name": "openSUSE-SU-2016:0438",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00078.html"
"name" : "1037745", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037745" "name": "http://www.cacti.net/release_notes_0_8_8g.php",
} "refsource": "CONFIRM",
] "url": "http://www.cacti.net/release_notes_0_8_8g.php"
} },
} {
"name": "openSUSE-SU-2016:0437",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00077.html"
},
{
"name": "openSUSE-SU-2016:0440",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00080.html"
},
{
"name": "http://bugs.cacti.net/view.php?id=2656",
"refsource": "CONFIRM",
"url": "http://bugs.cacti.net/view.php?id=2656"
},
{
"name": "GLSA-201711-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201711-10"
}
]
}
}

130
2016/2xxx/CVE-2016-2477.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-2477", "ID": "CVE-2016-2477",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "mm-video-v4l2/vidc/vdec/src/omx_vdec_msm8974.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles pointers, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27251096."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://source.android.com/security/bulletin/2016-06-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://source.android.com/security/bulletin/2016-06-01.html" "lang": "eng",
}, "value": "mm-video-v4l2/vidc/vdec/src/omx_vdec_msm8974.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles pointers, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27251096."
{ }
"name" : "https://android.googlesource.com/platform/hardware/qcom/media/+/f22c2a0f0f9e030c240468d9d18b9297f001bcf0", ]
"refsource" : "CONFIRM", },
"url" : "https://android.googlesource.com/platform/hardware/qcom/media/+/f22c2a0f0f9e030c240468d9d18b9297f001bcf0" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://android.googlesource.com/platform/hardware/qcom/media/+/f22c2a0f0f9e030c240468d9d18b9297f001bcf0",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/hardware/qcom/media/+/f22c2a0f0f9e030c240468d9d18b9297f001bcf0"
},
{
"name": "http://source.android.com/security/bulletin/2016-06-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-06-01.html"
}
]
}
}

164
2016/2xxx/CVE-2016-2983.json
View File

@ -1,84 +1,84 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-01-23T00:00:00", "DATE_PUBLIC": "2018-01-23T00:00:00",
"ID" : "CVE-2016-2983", "ID": "CVE-2016-2983",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Tealeaf Customer Experience", "product_name": "Tealeaf Customer Experience",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "9.0.2" "version_value": "9.0.2"
}, },
{ {
"version_value" : "8.7" "version_value": "8.7"
}, },
{ {
"version_value" : "8.8" "version_value": "8.8"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a remote attacker under unusual circumstances to read operational data or TLS session state for any active sessions, cause denial of service, or bypass security. IBM X-Force ID: 113999."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Bypass Security"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/113999", "description_data": [
"refsource" : "MISC", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/113999" "lang": "eng",
}, "value": "IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a remote attacker under unusual circumstances to read operational data or TLS session state for any active sessions, cause denial of service, or bypass security. IBM X-Force ID: 113999."
{ }
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22006393", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22006393" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22006455", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22006455" "lang": "eng",
}, "value": "Bypass Security"
{ }
"name" : "102891", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/102891" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www.ibm.com/support/docview.wss?uid=swg22006455",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22006455"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22006393",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22006393"
},
{
"name": "102891",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102891"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/113999",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/113999"
}
]
}
}

34
2016/6xxx/CVE-2016-6078.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6078", "ID": "CVE-2016-6078",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2016/6xxx/CVE-2016-6617.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6617", "ID": "CVE-2016-6617",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions (prior to 4.6.4) are affected."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.phpmyadmin.net/security/PMASA-2016-40", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.phpmyadmin.net/security/PMASA-2016-40" "lang": "eng",
}, "value": "An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions (prior to 4.6.4) are affected."
{ }
"name" : "GLSA-201701-32", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201701-32" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "95044", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/95044" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://www.phpmyadmin.net/security/PMASA-2016-40",
"refsource": "CONFIRM",
"url": "https://www.phpmyadmin.net/security/PMASA-2016-40"
},
{
"name": "95044",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95044"
},
{
"name": "GLSA-201701-32",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-32"
}
]
}
}

140
2016/6xxx/CVE-2016-6696.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-6696", "ID": "CVE-2016-6696",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via a large negative value for the data length, aka Qualcomm internal bug CR 1041130."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://source.android.com/security/bulletin/2016-10-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://source.android.com/security/bulletin/2016-10-01.html" "lang": "eng",
}, "value": "sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via a large negative value for the data length, aka Qualcomm internal bug CR 1041130."
{ }
"name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=c3c9341bfdf93606983f893a086cb33a487306e5", ]
"refsource" : "CONFIRM", },
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=c3c9341bfdf93606983f893a086cb33a487306e5" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "93330", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93330" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "93330",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93330"
},
{
"name": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=c3c9341bfdf93606983f893a086cb33a487306e5",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=c3c9341bfdf93606983f893a086cb33a487306e5"
},
{
"name": "http://source.android.com/security/bulletin/2016-10-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
}
]
}
}

170
2016/6xxx/CVE-2016-6909.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6909", "ID": "CVE-2016-6909",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9 and FortiSwitch before 3.4.3 allows remote attackers to execute arbitrary code via a crafted HTTP request, aka EGREGIOUSBLUNDER."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "40276", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/40276/" "lang": "eng",
}, "value": "Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9 and FortiSwitch before 3.4.3 allows remote attackers to execute arbitrary code via a crafted HTTP request, aka EGREGIOUSBLUNDER."
{ }
"name" : "http://packetstormsecurity.com/files/138387/EGREGIOUSBLUNDER-Fortigate-Remote-Code-Execution.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/138387/EGREGIOUSBLUNDER-Fortigate-Remote-Code-Execution.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://musalbas.com/2016/08/16/equation-group-firewall-operations-catalogue.html", "description": [
"refsource" : "MISC", {
"url" : "https://musalbas.com/2016/08/16/equation-group-firewall-operations-catalogue.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://fortiguard.com/advisory/FG-IR-16-023", ]
"refsource" : "CONFIRM", }
"url" : "http://fortiguard.com/advisory/FG-IR-16-023" ]
}, },
{ "references": {
"name" : "92523", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92523" "name": "http://fortiguard.com/advisory/FG-IR-16-023",
}, "refsource": "CONFIRM",
{ "url": "http://fortiguard.com/advisory/FG-IR-16-023"
"name" : "1036643", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036643" "name": "https://musalbas.com/2016/08/16/equation-group-firewall-operations-catalogue.html",
} "refsource": "MISC",
] "url": "https://musalbas.com/2016/08/16/equation-group-firewall-operations-catalogue.html"
} },
} {
"name": "1036643",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036643"
},
{
"name": "http://packetstormsecurity.com/files/138387/EGREGIOUSBLUNDER-Fortigate-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/138387/EGREGIOUSBLUNDER-Fortigate-Remote-Code-Execution.html"
},
{
"name": "40276",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40276/"
},
{
"name": "92523",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92523"
}
]
}
}

132
2017/18xxx/CVE-2017-18039.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@atlassian.com", "ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC" : "2018-02-02T00:00:00", "DATE_PUBLIC": "2018-02-02T00:00:00",
"ID" : "CVE-2017-18039", "ID": "CVE-2017-18039",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Jira", "product_name": "Jira",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "from 6.2.1 prior to 7.4.4" "version_value": "from 6.2.1 prior to 7.4.4"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Atlassian" "vendor_name": "Atlassian"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The IncomingMailServers resource in Atlassian Jira from version 6.2.1 before version 7.4.4 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the messagesThreshold parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross Site Scripting (XSS)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://jira.atlassian.com/browse/JRASERVER-66719", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://jira.atlassian.com/browse/JRASERVER-66719" "lang": "eng",
}, "value": "The IncomingMailServers resource in Atlassian Jira from version 6.2.1 before version 7.4.4 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the messagesThreshold parameter."
{ }
"name" : "103086", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103086" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Cross Site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103086",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103086"
},
{
"name": "https://jira.atlassian.com/browse/JRASERVER-66719",
"refsource": "CONFIRM",
"url": "https://jira.atlassian.com/browse/JRASERVER-66719"
}
]
}
}

150
2017/5xxx/CVE-2017-5223.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-5223", "ID": "CVE-2017-5223",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML method applies transformations to an HTML document to make it usable as an email message body. One of the transformations is to convert relative image URLs into attachments using a script-provided base directory. If no base directory is provided, it resolves to /, meaning that relative image URLs get treated as absolute local file paths and added as attachments. To form a remote vulnerability, the msgHTML method must be called, passed an unfiltered, user-supplied HTML document, and must not set a base directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "43056", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/43056/" "lang": "eng",
}, "value": "An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML method applies transformations to an HTML document to make it usable as an email message body. One of the transformations is to convert relative image URLs into attachments using a script-provided base directory. If no base directory is provided, it resolves to /, meaning that relative image URLs get treated as absolute local file paths and added as attachments. To form a remote vulnerability, the msgHTML method must be called, passed an unfiltered, user-supplied HTML document, and must not set a base directory."
{ }
"name" : "http://kalilinux.co/2017/01/12/phpmailer-cve-2017-5223-local-information-disclosure-vulnerability-analysis/", ]
"refsource" : "MISC", },
"url" : "http://kalilinux.co/2017/01/12/phpmailer-cve-2017-5223-local-information-disclosure-vulnerability-analysis/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/PHPMailer/PHPMailer/blob/master/SECURITY.md", "description": [
"refsource" : "MISC", {
"url" : "https://github.com/PHPMailer/PHPMailer/blob/master/SECURITY.md" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "95328", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/95328" ]
} },
] "references": {
} "reference_data": [
} {
"name": "95328",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95328"
},
{
"name": "http://kalilinux.co/2017/01/12/phpmailer-cve-2017-5223-local-information-disclosure-vulnerability-analysis/",
"refsource": "MISC",
"url": "http://kalilinux.co/2017/01/12/phpmailer-cve-2017-5223-local-information-disclosure-vulnerability-analysis/"
},
{
"name": "43056",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43056/"
},
{
"name": "https://github.com/PHPMailer/PHPMailer/blob/master/SECURITY.md",
"refsource": "MISC",
"url": "https://github.com/PHPMailer/PHPMailer/blob/master/SECURITY.md"
}
]
}
}

130
2017/5xxx/CVE-2017-5688.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@intel.com", "ASSIGNER": "secure@intel.com",
"ID" : "CVE-2017-5688", "ID": "CVE-2017-5688",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Solid State Drive Toolbox", "product_name": "Solid State Drive Toolbox",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Before 3.4.5" "version_value": "Before 3.4.5"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Intel Corporation" "vendor_name": "Intel Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "There is an escalation of privilege vulnerability in the Intel Solid State Drive Toolbox versions before 3.4.5 which allow a local administrative attacker to load and execute arbitrary code."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Escalation of Privilege"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00074&languageid=en-fr", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00074&languageid=en-fr" "lang": "eng",
}, "value": "There is an escalation of privilege vulnerability in the Intel Solid State Drive Toolbox versions before 3.4.5 which allow a local administrative attacker to load and execute arbitrary code."
{ }
"name" : "98771", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/98771" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00074&languageid=en-fr",
"refsource": "CONFIRM",
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00074&languageid=en-fr"
},
{
"name": "98771",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98771"
}
]
}
}

190
2017/5xxx/CVE-2017-5838.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-5838", "ID": "CVE-2017-5838",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a malformed datetime string."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20170201 Multiple memory access issues in gstreamer", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2017/02/01/7" "lang": "eng",
}, "value": "The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a malformed datetime string."
{ }
"name" : "[oss-security] 20170202 Re: Multiple memory access issues in gstreamer", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2017/02/02/9" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.gnome.org/show_bug.cgi?id=777263", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.gnome.org/show_bug.cgi?id=777263" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://gstreamer.freedesktop.org/releases/1.10/#1.10.3", ]
"refsource" : "CONFIRM", }
"url" : "https://gstreamer.freedesktop.org/releases/1.10/#1.10.3" ]
}, },
{ "references": {
"name" : "DSA-3822", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2017/dsa-3822" "name": "DSA-3822",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2017/dsa-3822"
"name" : "GLSA-201705-10", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201705-10" "name": "96001",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/96001"
"name" : "RHSA-2017:2060", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:2060" "name": "https://bugzilla.gnome.org/show_bug.cgi?id=777263",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.gnome.org/show_bug.cgi?id=777263"
"name" : "96001", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/96001" "name": "RHSA-2017:2060",
} "refsource": "REDHAT",
] "url": "https://access.redhat.com/errata/RHSA-2017:2060"
} },
} {
"name": "[oss-security] 20170202 Re: Multiple memory access issues in gstreamer",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/02/02/9"
},
{
"name": "https://gstreamer.freedesktop.org/releases/1.10/#1.10.3",
"refsource": "CONFIRM",
"url": "https://gstreamer.freedesktop.org/releases/1.10/#1.10.3"
},
{
"name": "GLSA-201705-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201705-10"
},
{
"name": "[oss-security] 20170201 Multiple memory access issues in gstreamer",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/02/01/7"
}
]
}
}