From f546748a66e366c3f0fb5840731e6a1a0a18df56 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 21 Mar 2019 14:00:44 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2016/5xxx/CVE-2016-5800.json | 75 ++++++++++++++++++++++++++++++---- 2016/5xxx/CVE-2016-5819.json | 75 ++++++++++++++++++++++++++++++---- 2018/18xxx/CVE-2018-18506.json | 5 +++ 3 files changed, 141 insertions(+), 14 deletions(-) diff --git a/2016/5xxx/CVE-2016-5800.json b/2016/5xxx/CVE-2016-5800.json index 586f39db866..76d50960bb1 100644 --- a/2016/5xxx/CVE-2016-5800.json +++ b/2016/5xxx/CVE-2016-5800.json @@ -1,17 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2016-5800", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-5800", + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Fatek", + "product": { + "product_data": [ + { + "product_name": "Automation PM Designer V3", + "version": { + "version_data": [ + { + "version_value": "2.1.2.2" + } + ] + } + } + ] + } + }, + { + "vendor_name": "Fatek", + "product": { + "product_data": [ + { + "product_name": "Automation FV Designer", + "version": { + "version_data": [ + { + "version_value": "1.2.8.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer overflow CWE-121" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-06", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-06" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A malicious attacker can trigger a remote buffer overflow in the Communication Server in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0." } ] } diff --git a/2016/5xxx/CVE-2016-5819.json b/2016/5xxx/CVE-2016-5819.json index 682f1c5f5a0..75e44797f81 100644 --- a/2016/5xxx/CVE-2016-5819.json +++ b/2016/5xxx/CVE-2016-5819.json @@ -1,17 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2016-5819", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-5819", + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Moxa", + "product": { + "product_data": [ + { + "product_name": "OnCell G3100V2 Series", + "version": { + "version_data": [ + { + "version_value": "< 2.8" + } + ] + } + } + ] + } + }, + { + "vendor_name": "Moxa", + "product": { + "product_data": [ + { + "product_name": "OnCell G3111/G3151/G3211/G3251 Series", + "version": { + "version_data": [ + { + "version_value": "< 1.7" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-site scripting CWE-79" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-236-01", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-236-01" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Moxa G3100V2 Series, editions prior to Version 2.8, and OnCell G3111/G3151/G3211/G3251 Series, editions prior to Version 1.7 allows a reflected cross-site scripting attack which may allow an attacker to execute arbitrary script code in the user\u2019s browser within the trust relationship between their browser and the server." } ] } diff --git a/2018/18xxx/CVE-2018-18506.json b/2018/18xxx/CVE-2018-18506.json index dd67ce39228..5c7b8c14a45 100644 --- a/2018/18xxx/CVE-2018-18506.json +++ b/2018/18xxx/CVE-2018-18506.json @@ -87,6 +87,11 @@ "refsource": "DEBIAN", "name": "DSA-4411", "url": "https://www.debian.org/security/2019/dsa-4411" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190321 [SECURITY] [DLA 1722-1] firefox-esr security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00024.html" } ] }