admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 03:02:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-02-02 18:01:01 +00:00
parent 7e34509b69
commit f7c871989b
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
19 changed files with 6989 additions and 1084 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

240
2012/2xxx/CVE-2012-2334.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2334",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in filter/source/msfilter/msdffimp.cxx in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the length of an Escher graphics record in a PowerPoint (.ppt) document, which triggers a buffer overflow."
"value": "CVE-2012-2334 openoffice.org, libreoffice: Integer overflow leading to buffer overflow by processing invalid Escher graphics records length in the Powerpoint documents"
}
]
},
@ -44,123 +21,194 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "1:3.1.1-19.10.el5_8.3",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "1:3.2.1-19.6.el6_2.7",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "60799",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60799"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=821803",
"url": "http://secunia.com/advisories/60799",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=821803"
"name": "http://secunia.com/advisories/60799"
},
{
"name": "GLSA-201408-19",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
"url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml",
"refsource": "MISC",
"name": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
},
{
"name": "MDVSA-2012:090",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:090"
"url": "http://secunia.com/advisories/46992",
"refsource": "MISC",
"name": "http://secunia.com/advisories/46992"
},
{
"name": "20120516 CVE-2012-2334 Vulnerabilities related to malformed Powerpoint files in OpenOffice.org 3.3.0",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0091.html"
"url": "http://www.securityfocus.com/bid/53570",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/53570"
},
{
"name": "http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e",
"refsource": "CONFIRM",
"url": "http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html"
},
{
"name": "FEDORA-2012-8114",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html"
"url": "http://rhn.redhat.com/errata/RHSA-2012-0705.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-0705.html"
},
{
"name": "53570",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53570"
"url": "http://secunia.com/advisories/47244",
"refsource": "MISC",
"name": "http://secunia.com/advisories/47244"
},
{
"name": "[oss-security] 20120528 Kind request to update upstream CVE-2012-2334 advisories they to reflect arbitrary code execution possibility too and OSS list notification",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/28/2"
"url": "http://secunia.com/advisories/49373",
"refsource": "MISC",
"name": "http://secunia.com/advisories/49373"
},
{
"name": "1027070",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1027070"
"url": "http://secunia.com/advisories/49392",
"refsource": "MISC",
"name": "http://secunia.com/advisories/49392"
},
{
"name": "http://www.libreoffice.org/advisories/cve-2012-2334/",
"refsource": "CONFIRM",
"url": "http://www.libreoffice.org/advisories/cve-2012-2334/"
"url": "http://www.debian.org/security/2012/dsa-2487",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2487"
},
{
"name": "DSA-2487",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2487"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:090",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:090"
},
{
"name": "46992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46992"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:091",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:091"
},
{
"name": "http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da",
"refsource": "CONFIRM",
"url": "http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da"
"url": "https://access.redhat.com/errata/RHSA-2012:0705",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:0705"
},
{
"name": "47244",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47244"
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0091.html",
"refsource": "MISC",
"name": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0091.html"
},
{
"name": "openoffice-powerpoint-dos(75695)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75695"
"url": "http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da",
"refsource": "MISC",
"name": "http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da"
},
{
"name": "49392",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49392"
"url": "http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e",
"refsource": "MISC",
"name": "http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e"
},
{
"name": "49373",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49373"
"url": "http://securitytracker.com/id?1027070",
"refsource": "MISC",
"name": "http://securitytracker.com/id?1027070"
},
{
"name": "RHSA-2012:0705",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0705.html"
"url": "http://www.libreoffice.org/advisories/cve-2012-2334/",
"refsource": "MISC",
"name": "http://www.libreoffice.org/advisories/cve-2012-2334/"
},
{
"name": "MDVSA-2012:091",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:091"
"url": "http://www.openoffice.org/security/cves/CVE-2012-2334.html",
"refsource": "MISC",
"name": "http://www.openoffice.org/security/cves/CVE-2012-2334.html"
},
{
"name": "http://www.openoffice.org/security/cves/CVE-2012-2334.html",
"refsource": "CONFIRM",
"url": "http://www.openoffice.org/security/cves/CVE-2012-2334.html"
"url": "http://www.openwall.com/lists/oss-security/2012/05/28/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/05/28/2"
},
{
"name": "82517",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/82517"
"url": "http://www.osvdb.org/82517",
"refsource": "MISC",
"name": "http://www.osvdb.org/82517"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-2334",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-2334"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=821803",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=821803"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75695",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75695"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

174
2012/2xxx/CVE-2012-2336.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2336",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to cause a denial of service (resource consumption) by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'T' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823."
"value": "CVE-2012-2336 php: incomplete CVE-2012-1823 fix - missing filtering of -T and -h"
}
]
},
@ -44,58 +21,143 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Uncontrolled Resource Consumption",
"cweId": "CWE-400"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:5.1.6-39.el5_8",
"version_affected": "!"
},
{
"version_value": "0:5.3.3-13.el5_8",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:5.3.3-14.el6_3",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2012:0721",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00004.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00003.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00003.html"
},
{
"name": "SUSE-SU-2012:0840",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00003.html"
"url": "https://access.redhat.com/errata/RHSA-2012:1046",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1046"
},
{
"name": "https://bugs.php.net/patch-display.php?bug_id=61910&patch=CVE-2012-1823.patch&revision=1336251592&display=1",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/patch-display.php?bug_id=61910&patch=CVE-2012-1823.patch&revision=1336251592&display=1"
"url": "https://access.redhat.com/errata/RHSA-2012:1047",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1047"
},
{
"name": "49014",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49014"
"url": "http://secunia.com/advisories/49014",
"refsource": "MISC",
"name": "http://secunia.com/advisories/49014"
},
{
"name": "https://bugs.php.net/bug.php?id=61910",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=61910"
"url": "http://www.php.net/ChangeLog-5.php#5.4.3",
"refsource": "MISC",
"name": "http://www.php.net/ChangeLog-5.php#5.4.3"
},
{
"name": "http://www.php.net/archive/2012.php#id2012-05-08-1",
"refsource": "CONFIRM",
"url": "http://www.php.net/archive/2012.php#id2012-05-08-1"
"url": "http://www.php.net/archive/2012.php#id2012-05-08-1",
"refsource": "MISC",
"name": "http://www.php.net/archive/2012.php#id2012-05-08-1"
},
{
"name": "SSRT100992",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
"url": "https://bugs.php.net/bug.php?id=61910",
"refsource": "MISC",
"name": "https://bugs.php.net/bug.php?id=61910"
},
{
"name": "HPSBMU02900",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862",
"refsource": "MISC",
"name": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "http://www.php.net/ChangeLog-5.php#5.4.3",
"refsource": "CONFIRM",
"url": "http://www.php.net/ChangeLog-5.php#5.4.3"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00004.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00004.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1045",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1045"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-2336",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-2336"
},
{
"url": "https://bugs.php.net/patch-display.php?bug_id=61910&patch=CVE-2012-1823.patch&revision=1336251592&display=1",
"refsource": "MISC",
"name": "https://bugs.php.net/patch-display.php?bug_id=61910&patch=CVE-2012-1823.patch&revision=1336251592&display=1"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=820708",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=820708"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

143
2012/2xxx/CVE-2012-2383.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2383",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the i915_gem_execbuffer2 function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted ioctl call."
"value": "CVE-2012-2383 kernel: drm/i915: integer overflow in i915_gem_execbuffer2()"
}
]
},
@ -44,53 +21,113 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Integer Overflow or Wraparound",
"cweId": "CWE-190"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-279.5.1.el6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "53971",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53971"
"url": "http://marc.info/?l=bugtraq&m=139447903326211&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=139447903326211&w=2"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=824176",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=824176"
"url": "http://rhn.redhat.com/errata/RHSA-2012-1156.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1156.html"
},
{
"name": "RHSA-2012:1156",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1156.html"
"url": "https://access.redhat.com/errata/RHSA-2012:1156",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1156"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.5",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.5"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.5",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.5"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ed8cd3b2cd61004cab85380c52b1817aca1ca49b",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ed8cd3b2cd61004cab85380c52b1817aca1ca49b"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ed8cd3b2cd61004cab85380c52b1817aca1ca49b",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ed8cd3b2cd61004cab85380c52b1817aca1ca49b"
},
{
"name": "[oss-security] 20120522 Re: CVE Request: some drm overflow checks",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/22/8"
"url": "http://www.openwall.com/lists/oss-security/2012/05/22/8",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/05/22/8"
},
{
"name": "HPSBGN02970",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=139447903326211&w=2"
"url": "http://www.securityfocus.com/bid/53971",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/53971"
},
{
"name": "https://github.com/torvalds/linux/commit/ed8cd3b2cd61004cab85380c52b1817aca1ca49b",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/ed8cd3b2cd61004cab85380c52b1817aca1ca49b"
"url": "https://access.redhat.com/security/cve/CVE-2012-2383",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-2383"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=824176",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=824176"
},
{
"url": "https://github.com/torvalds/linux/commit/ed8cd3b2cd61004cab85380c52b1817aca1ca49b",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/ed8cd3b2cd61004cab85380c52b1817aca1ca49b"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.9,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}

137
2012/2xxx/CVE-2012-2384.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2384",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the i915_gem_do_execbuffer function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted ioctl call."
"value": "CVE-2012-2384 kernel: drm/i915: integer overflow in i915_gem_do_execbuffer()"
}
]
},
@ -44,48 +21,108 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Integer Overflow or Wraparound",
"cweId": "CWE-190"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-279.9.1.el6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "53971",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53971"
"url": "http://marc.info/?l=bugtraq&m=139447903326211&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=139447903326211&w=2"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=44afb3a04391a74309d16180d1e4f8386fdfa745",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=44afb3a04391a74309d16180d1e4f8386fdfa745"
"url": "https://access.redhat.com/errata/RHSA-2012:1304",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1304"
},
{
"name": "https://github.com/torvalds/linux/commit/44afb3a04391a74309d16180d1e4f8386fdfa745",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/44afb3a04391a74309d16180d1e4f8386fdfa745"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.5",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.5"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.5",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.5"
"url": "http://www.openwall.com/lists/oss-security/2012/05/22/8",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/05/22/8"
},
{
"name": "[oss-security] 20120522 Re: CVE Request: some drm overflow checks",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/22/8"
"url": "http://www.securityfocus.com/bid/53971",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/53971"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=824178",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=824178"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=44afb3a04391a74309d16180d1e4f8386fdfa745",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=44afb3a04391a74309d16180d1e4f8386fdfa745"
},
{
"name": "HPSBGN02970",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=139447903326211&w=2"
"url": "https://access.redhat.com/security/cve/CVE-2012-2384",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-2384"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=824178",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=824178"
},
{
"url": "https://github.com/torvalds/linux/commit/44afb3a04391a74309d16180d1e4f8386fdfa745",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/44afb3a04391a74309d16180d1e4f8386fdfa745"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.9,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}

153
2012/2xxx/CVE-2012-2390.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2390",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory leak in mm/hugetlb.c in the Linux kernel before 3.4.2 allows local users to cause a denial of service (memory consumption or system crash) via invalid MAP_HUGETLB mmap operations."
"value": "CVE-2012-2390 kernel: huge pages: memory leak on mmap failure"
}
]
},
@ -44,48 +21,124 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Missing Release of Memory after Effective Lifetime",
"cweId": "CWE-401"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-279.9.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "0:3.0.36-rt57.66.el6rt",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=c50ac050811d6485616a193eb0f37bfbd191cc89",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=c50ac050811d6485616a193eb0f37bfbd191cc89"
"url": "https://access.redhat.com/errata/RHSA-2012:1304",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1304"
},
{
"name": "USN-1515-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1515-1"
"url": "http://www.ubuntu.com/usn/USN-1535-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1535-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=824345",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=824345"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c50ac050811d6485616a193eb0f37bfbd191cc89",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c50ac050811d6485616a193eb0f37bfbd191cc89"
},
{
"name": "USN-1535-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1535-1"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.2",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.2"
},
{
"name": "[oss-security] 20120523 Re: CVE Request -- kernel: huge pages: memory leak on mmap failure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/23/14"
"url": "http://www.openwall.com/lists/oss-security/2012/05/23/14",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/05/23/14"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.2",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.2"
"url": "http://www.ubuntu.com/usn/USN-1515-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1515-1"
},
{
"name": "https://github.com/torvalds/linux/commit/c50ac050811d6485616a193eb0f37bfbd191cc89",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/c50ac050811d6485616a193eb0f37bfbd191cc89"
"url": "https://access.redhat.com/errata/RHSA-2012:1150",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1150"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-2390",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-2390"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=824345",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=824345"
},
{
"url": "https://github.com/torvalds/linux/commit/c50ac050811d6485616a193eb0f37bfbd191cc89",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/c50ac050811d6485616a193eb0f37bfbd191cc89"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.9,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}

232
2012/2xxx/CVE-2012-2665.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2665",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality in OpenOffice.org and LibreOffice before 3.5.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Open Document Text (.odt) file with (1) a child tag within an incorrect parent tag, (2) duplicate tags, or (3) a Base64 ChecksumAttribute whose length is not evenly divisible by four."
"value": "CVE-2012-2665 openoffice.org, libreoffice: Multiple heap-based buffer overflows in the XML manifest encryption handling code"
}
]
},
@ -44,93 +21,174 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "1:3.1.1-19.10.el5_8.4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "1:3.4.5.2-16.1.el6_3",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "60799",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60799"
},
{
"name": "GLSA-201408-19",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
},
{
"name": "GLSA-201209-05",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-05.xml"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=826077",
"url": "http://secunia.com/advisories/60799",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=826077"
"name": "http://secunia.com/advisories/60799"
},
{
"name": "DSA-2520",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2520"
},
{
"name": "USN-1536-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1536-1"
},
{
"name": "RHSA-2012:1135",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1135.html"
},
{
"name": "http://www.pre-cert.de/advisories/PRE-SA-2012-05.txt",
"url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml",
"refsource": "MISC",
"url": "http://www.pre-cert.de/advisories/PRE-SA-2012-05.txt"
"name": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
},
{
"name": "54769",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54769"
"url": "http://secunia.com/advisories/50692",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50692"
},
{
"name": "50692",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50692"
"url": "http://security.gentoo.org/glsa/glsa-201209-05.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201209-05.xml"
},
{
"name": "1027332",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027332"
"url": "http://rhn.redhat.com/errata/RHSA-2012-1135.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1135.html"
},
{
"name": "1027331",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027331"
"url": "http://secunia.com/advisories/50142",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50142"
},
{
"name": "50142",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50142"
"url": "http://secunia.com/advisories/50146",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50146"
},
{
"name": "USN-1537-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1537-1"
"url": "http://www.debian.org/security/2012/dsa-2520",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2520"
},
{
"name": "http://www.libreoffice.org/about-us/security/advisories/cve-2012-2665/",
"refsource": "CONFIRM",
"url": "http://www.libreoffice.org/about-us/security/advisories/cve-2012-2665/"
"url": "http://www.libreoffice.org/about-us/security/advisories/cve-2012-2665/",
"refsource": "MISC",
"name": "http://www.libreoffice.org/about-us/security/advisories/cve-2012-2665/"
},
{
"name": "50146",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50146"
"url": "http://www.libreoffice.org/advisories/CVE-2012-2665/",
"refsource": "MISC",
"name": "http://www.libreoffice.org/advisories/CVE-2012-2665/"
},
{
"url": "http://www.pre-cert.de/advisories/PRE-SA-2012-05.txt",
"refsource": "MISC",
"name": "http://www.pre-cert.de/advisories/PRE-SA-2012-05.txt"
},
{
"url": "http://www.securityfocus.com/bid/54769",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/54769"
},
{
"url": "http://www.securitytracker.com/id?1027331",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1027331"
},
{
"url": "http://www.securitytracker.com/id?1027332",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1027332"
},
{
"url": "http://www.ubuntu.com/usn/USN-1536-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1536-1"
},
{
"url": "http://www.ubuntu.com/usn/USN-1537-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1537-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1135",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1135"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1136",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1136"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-2665",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-2665"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=826077",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=826077"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

302
2012/2xxx/CVE-2012-2683.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2683",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) \"error message displays\" or (2) \"in source HTML on certain pages.\""
"value": "CVE-2012-2683 cumin: multiple XSS flaws"
}
]
},
@ -44,53 +21,274 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "MRG for RHEL-5 v. 2",
"version": {
"version_data": [
{
"version_value": "0:7.6.5-0.22.el5",
"version_affected": "!"
},
{
"version_value": "0:4.1.3-1.el5",
"version_affected": "!"
},
{
"version_value": "0:1.23-1.el5",
"version_affected": "!"
},
{
"version_value": "0:0.1.5444-3.el5",
"version_affected": "!"
},
{
"version_value": "0:1.0-4.el5",
"version_affected": "!"
},
{
"version_value": "0:0.12.5-10.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "0:7.6.5-0.22.el6",
"version_affected": "!"
},
{
"version_value": "0:4.1.3-1.el6",
"version_affected": "!"
},
{
"version_value": "0:1.23-1.el6",
"version_affected": "!"
},
{
"version_value": "0:0.1.5444-3.el6",
"version_affected": "!"
},
{
"version_value": "0:0.5.0-10.el6_2",
"version_affected": "!"
},
{
"version_value": "0:0.9-1.el6",
"version_affected": "!"
},
{
"version_value": "0:1.1.4-2.el6",
"version_affected": "!"
},
{
"version_value": "0:0.12.10-7.el6",
"version_affected": "!"
},
{
"version_value": "0:0.2.7-1.el6",
"version_affected": "!"
},
{
"version_value": "0:3.1.2-2.el6",
"version_affected": "!"
},
{
"version_value": "0:0.8.4-2.el6",
"version_affected": "!"
},
{
"version_value": "0:1.4.6-10.el6",
"version_affected": "!"
},
{
"version_value": "0:0.6.0-4.el6",
"version_affected": "!"
},
{
"version_value": "0:1.16-4.el6_0",
"version_affected": "!"
},
{
"version_value": "0:0.9.7-4.el6",
"version_affected": "!"
},
{
"version_value": "0:2.0.23-6.el6_0",
"version_affected": "!"
},
{
"version_value": "0:1.5.0-0.8.beta4.el6",
"version_affected": "!"
},
{
"version_value": "1:1.3.0-2.el6",
"version_affected": "!"
},
{
"version_value": "0:0.4.3-6.el6_0",
"version_affected": "!"
},
{
"version_value": "0:0.6.1-1.el6",
"version_affected": "!"
},
{
"version_value": "0:0.8.7-2.1.el6",
"version_affected": "!"
},
{
"version_value": "0:1.6.1-2.el6_0",
"version_affected": "!"
},
{
"version_value": "0:1.8.16-1.el6",
"version_affected": "!"
},
{
"version_value": "0:3.1.4-4.el6",
"version_affected": "!"
},
{
"version_value": "1:1.2.6-2.el6",
"version_affected": "!"
},
{
"version_value": "0:1.0.0-4.el6",
"version_affected": "!"
},
{
"version_value": "0:1.2.11-3.el6",
"version_affected": "!"
},
{
"version_value": "0:1.3.2-3.el6",
"version_affected": "!"
},
{
"version_value": "0:0.7.2-1.el6",
"version_affected": "!"
},
{
"version_value": "0:1.0-6.el6",
"version_affected": "!"
},
{
"version_value": "0:0.12.5-10.el6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=830243",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092543.html",
"refsource": "MISC",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=830243"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092543.html"
},
{
"name": "FEDORA-2012-17863",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092562.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092562.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092562.html"
},
{
"name": "55618",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55618"
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"name": "RHSA-2012:1278",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"name": "RHSA-2012:1281",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
"url": "http://secunia.com/advisories/50660",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50660"
},
{
"name": "50660",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50660"
"url": "http://www.securityfocus.com/bid/55618",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55618"
},
{
"name": "FEDORA-2012-17854",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092543.html"
"url": "https://access.redhat.com/errata/RHSA-2012:1278",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1278"
},
{
"name": "cumin-redhat-xss(78772)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78772"
"url": "https://access.redhat.com/errata/RHSA-2012:1281",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1281"
},
{
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=830243",
"refsource": "MISC",
"name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=830243"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-2683",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-2683"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=830243",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=830243"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78772",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78772"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
]
}

125
2013/1xxx/CVE-2013-1943.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1943",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The KVM subsystem in the Linux kernel before 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows local users to gain privileges or obtain sensitive information from kernel memory via a crafted application, related to arch/x86/kvm/paging_tmpl.h and virt/kvm/kvm_main.c."
"value": "CVE-2013-1943 kernel: kvm: missing check in kvm_set_memory_region()"
}
]
},
@ -44,38 +21,98 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-358.11.1.el6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://web.archive.org/web/20130329070349/http://ftp.osuosl.org/pub/linux/kernel/v3.0/ChangeLog-3.0",
"refsource": "CONFIRM",
"url": "http://web.archive.org/web/20130329070349/http://ftp.osuosl.org/pub/linux/kernel/v3.0/ChangeLog-3.0"
"url": "https://access.redhat.com/errata/RHSA-2013:0911",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0911"
},
{
"name": "https://github.com/torvalds/linux/commit/fa3d315a4ce2c0891cdde262562e710d95fba19e",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/fa3d315a4ce2c0891cdde262562e710d95fba19e"
"url": "http://www.ubuntu.com/usn/USN-1939-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1939-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=950490",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=950490"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fa3d315a4ce2c0891cdde262562e710d95fba19e",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fa3d315a4ce2c0891cdde262562e710d95fba19e"
},
{
"name": "USN-1939-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1939-1"
"url": "http://web.archive.org/web/20130329070349/http://ftp.osuosl.org/pub/linux/kernel/v3.0/ChangeLog-3.0",
"refsource": "MISC",
"name": "http://web.archive.org/web/20130329070349/http://ftp.osuosl.org/pub/linux/kernel/v3.0/ChangeLog-3.0"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fa3d315a4ce2c0891cdde262562e710d95fba19e",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fa3d315a4ce2c0891cdde262562e710d95fba19e"
"url": "https://access.redhat.com/security/cve/CVE-2013-1943",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-1943"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=950490",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=950490"
},
{
"url": "https://github.com/torvalds/linux/commit/fa3d315a4ce2c0891cdde262562e710d95fba19e",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/fa3d315a4ce2c0891cdde262562e710d95fba19e"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.9,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}

142
2013/1xxx/CVE-2013-1978.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1978",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an X Window System (XWD) image dump with more colors than color map entries."
"value": "CVE-2013-1978 gimp: XWD plugin color map heap-based buffer overflow"
}
]
},
@ -44,43 +21,114 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "2:2.2.13-3.el5_10",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "2:2.6.9-6.el6_5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "64098",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64098"
"url": "http://rhn.redhat.com/errata/RHSA-2013-1778.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1778.html"
},
{
"name": "RHSA-2013:1778",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1778.html"
"url": "http://www.debian.org/security/2013/dsa-2813",
"refsource": "MISC",
"name": "http://www.debian.org/security/2013/dsa-2813"
},
{
"name": "GLSA-201603-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-01"
"url": "http://www.ubuntu.com/usn/USN-2051-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2051-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=953902",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=953902"
"url": "https://access.redhat.com/errata/RHSA-2013:1778",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:1778"
},
{
"name": "DSA-2813",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2813"
"url": "https://security.gentoo.org/glsa/201603-01",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201603-01"
},
{
"name": "USN-2051-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2051-1"
"url": "http://www.securityfocus.com/bid/64098",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/64098"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-1978",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-1978"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=953902",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=953902"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

182
2013/1xxx/CVE-2013-1993.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1993",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in X.org libGLX in Mesa 9.1.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XF86DRIOpenConnection and (2) XF86DRIGetClientDriverName functions."
"value": "CVE-2013-1993 Mesa: Multiple integer overflows leading to heap-based bufer overflows"
}
]
},
@ -44,68 +21,149 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:6.5.1-7.11.el5_9",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:9.0-0.8.el6_4.3",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[Mesa-dev] 20130523 [PATCH:mesa 1/2] integer overflow in XF86DRIOpenConnection() [CVE-2013-1993 1/2]",
"refsource": "MLIST",
"url": "http://lists.freedesktop.org/archives/mesa-dev/2013-May/039720.html"
"url": "http://advisories.mageia.org/MGASA-2013-0190.html",
"refsource": "MISC",
"name": "http://advisories.mageia.org/MGASA-2013-0190.html"
},
{
"name": "http://advisories.mageia.org/MGASA-2013-0190.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2013-0190.html"
"url": "http://rhn.redhat.com/errata/RHSA-2013-0897.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0897.html"
},
{
"name": "DSA-2678",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2678"
"url": "http://www.ubuntu.com/usn/USN-1888-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1888-1"
},
{
"name": "openSUSE-SU-2013:0865",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00007.html"
"url": "https://access.redhat.com/errata/RHSA-2013:0897",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0897"
},
{
"name": "USN-1888-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1888-1"
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"name": "MDVSA-2013:181",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:181"
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23",
"refsource": "MISC",
"name": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
},
{
"name": "RHSA-2013:0898",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0898.html"
"url": "http://lists.freedesktop.org/archives/mesa-dev/2013-May/039720.html",
"refsource": "MISC",
"name": "http://lists.freedesktop.org/archives/mesa-dev/2013-May/039720.html"
},
{
"name": "RHSA-2013:0897",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0897.html"
"url": "http://lists.freedesktop.org/archives/mesa-dev/2013-May/039722.html",
"refsource": "MISC",
"name": "http://lists.freedesktop.org/archives/mesa-dev/2013-May/039722.html"
},
{
"name": "[Mesa-dev] 20130523 [PATCH:mesa 2/2] integer overflow in XF86DRIGetClientDriverName() [CVE-2013-1993 2/2]",
"refsource": "MLIST",
"url": "http://lists.freedesktop.org/archives/mesa-dev/2013-May/039722.html"
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00007.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00007.html"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
"url": "http://rhn.redhat.com/errata/RHSA-2013-0898.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0898.html"
},
{
"name": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23",
"refsource": "CONFIRM",
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
"url": "http://www.debian.org/security/2013/dsa-2678",
"refsource": "MISC",
"name": "http://www.debian.org/security/2013/dsa-2678"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:181",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:181"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0898",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0898"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-1993",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-1993"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=961613",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=961613"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

348
2013/1xxx/CVE-2013-1994.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1994",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in X.org libchromeXvMC and libchromeXvMCPro in openChrome 0.3.2 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) uniDRIOpenConnection and (2) uniDRIGetClientDriverName functions."
"value": "CVE-2013-1994 openchrome: Multiple integer overflows leading to heap-based bufer overflows"
}
]
},
@ -44,33 +21,322 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.4.52-4.el6",
"version_affected": "!"
},
{
"version_value": "0:0.13.3-0.1.el6",
"version_affected": "!"
},
{
"version_value": "0:0.8-1.el6",
"version_affected": "!"
},
{
"version_value": "0:10.1.2-2.el6",
"version_affected": "!"
},
{
"version_value": "0:3.4-3.el6",
"version_affected": "!"
},
{
"version_value": "0:0.32.4-4.el6",
"version_affected": "!"
},
{
"version_value": "0:0.3.6-5.el6",
"version_affected": "!"
},
{
"version_value": "0:0.3.9-4.el6",
"version_affected": "!"
},
{
"version_value": "0:0.3.9-5.el6",
"version_affected": "!"
},
{
"version_value": "0:7.7-6.el6",
"version_affected": "!"
},
{
"version_value": "0:1.5.0-7.el6",
"version_affected": "!"
},
{
"version_value": "0:1.4.1-5.el6",
"version_affected": "!"
},
{
"version_value": "0:1.2.5-10.el6",
"version_affected": "!"
},
{
"version_value": "0:0.98.0-1.el6",
"version_affected": "!"
},
{
"version_value": "0:7.3.99-2.el6",
"version_affected": "!"
},
{
"version_value": "0:1.5.2-2.el6",
"version_affected": "!"
},
{
"version_value": "0:0.3.6-15.el6",
"version_affected": "!"
},
{
"version_value": "0:1.4.1-3.el6",
"version_affected": "!"
},
{
"version_value": "0:2.8.2-4.el6",
"version_affected": "!"
},
{
"version_value": "0:0.4.3-16.el6",
"version_affected": "!"
},
{
"version_value": "0:1.4.0-6.el6",
"version_affected": "!"
},
{
"version_value": "0:2.11.15-1.el6",
"version_affected": "!"
},
{
"version_value": "0:1.2.8-10.el6",
"version_affected": "!"
},
{
"version_value": "0:1.3.6-10.el6",
"version_affected": "!"
},
{
"version_value": "0:1.3.4-11.el6",
"version_affected": "!"
},
{
"version_value": "0:2.99.911-6.el6",
"version_affected": "!"
},
{
"version_value": "0:1.8.0-1.el6",
"version_affected": "!"
},
{
"version_value": "0:6.9.4-8.el6",
"version_affected": "!"
},
{
"version_value": "0:1.6.3-5.el6",
"version_affected": "!"
},
{
"version_value": "0:0.8.0-14.el6",
"version_affected": "!"
},
{
"version_value": "0:1.9.0-1.el6",
"version_affected": "!"
},
{
"version_value": "0:1.3.0-5.el6",
"version_affected": "!"
},
{
"version_value": "0:1.2.7-7.el6",
"version_affected": "!"
},
{
"version_value": "1:1.0.10-1.el6",
"version_affected": "!"
},
{
"version_value": "0:2.1.20-5.el6",
"version_affected": "!"
},
{
"version_value": "0:0.3.3-6.el6",
"version_affected": "!"
},
{
"version_value": "0:1.5.0-5.el6",
"version_affected": "!"
},
{
"version_value": "0:0.1.1-15.el6",
"version_affected": "!"
},
{
"version_value": "0:6.9.1-8.el6",
"version_affected": "!"
},
{
"version_value": "0:4.2.5-10.el6",
"version_affected": "!"
},
{
"version_value": "0:1.10.6-10.el6",
"version_affected": "!"
},
{
"version_value": "0:2.3.7-2.el6",
"version_affected": "!"
},
{
"version_value": "0:1.7.7-9.el6",
"version_affected": "!"
},
{
"version_value": "0:0.10.7-10.el6",
"version_affected": "!"
},
{
"version_value": "0:0.9.6-10.el6",
"version_affected": "!"
},
{
"version_value": "0:1.7.6-1.el6",
"version_affected": "!"
},
{
"version_value": "0:1.4.5-10.el6",
"version_affected": "!"
},
{
"version_value": "0:0.2.0-36.el6",
"version_affected": "!"
},
{
"version_value": "0:2.3.2-15.el6",
"version_affected": "!"
},
{
"version_value": "0:13.0.0-2.el6",
"version_affected": "!"
},
{
"version_value": "0:13.0.1-9.el6",
"version_affected": "!"
},
{
"version_value": "0:1.4.0-23.el6",
"version_affected": "!"
},
{
"version_value": "0:0.23.0-4.el6",
"version_affected": "!"
},
{
"version_value": "0:1.6.0-20.20121114git.el6",
"version_affected": "!"
},
{
"version_value": "0:0.6.0-5.20140506gitf78901e.el6",
"version_affected": "!"
},
{
"version_value": "0:1.15.0-22.el6",
"version_affected": "!"
},
{
"version_value": "0:7.7-2.el6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "USN-1871-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1871-1"
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"name": "DSA-2679",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2679"
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23",
"refsource": "MISC",
"name": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
"url": "http://www.debian.org/security/2013/dsa-2679",
"refsource": "MISC",
"name": "http://www.debian.org/security/2013/dsa-2679"
},
{
"name": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23",
"refsource": "CONFIRM",
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
"url": "http://www.ubuntu.com/usn/USN-1871-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1871-1"
},
{
"url": "https://access.redhat.com/errata/RHBA-2014:1376",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHBA-2014:1376"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-1994",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-1994"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=959079",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=959079"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

107
2013/2xxx/CVE-2013-2029.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2029",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "nagios.upgrade_to_v3.sh, as distributed by Red Hat and possibly others for Nagios Core 3.4.4, 3.5.1, and earlier, allows local users to overwrite arbitrary files via a symlink attack on a temporary nagioscfg file with a predictable name in /tmp/."
"value": "CVE-2013-2029 Nagios core: Insecure temporary file usage in nagios.upgrade_to_v3.sh"
}
]
},
@ -44,23 +21,83 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Insecure Temporary File",
"cweId": "CWE-377"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "OpenStack 3 for RHEL 6",
"version": {
"version_data": [
{
"version_value": "0:3.5.1-2.el6ost",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2013:1526",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1526.html"
"url": "http://rhn.redhat.com/errata/RHSA-2013-1526.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1526.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=958015",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=958015"
"url": "https://access.redhat.com/errata/RHSA-2013:1526",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:1526"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-2029",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-2029"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=958015",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=958015"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

624
2013/2xxx/CVE-2013-2033.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2033",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Jenkins before 1.514, LTS before 1.509.1, and Enterprise 1.466.x before 1.466.14.1 and 1.480.x before 1.480.4.1 allows remote authenticated users with write permission to inject arbitrary web script or HTML via unspecified vectors."
"value": "CVE-2013-2033 Jenkins: Build Description XSS"
}
]
},
@ -44,28 +21,599 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "RHEL 6 Version of OpenShift Enterprise 1.2",
"version": {
"version_data": [
{
"version_value": "0:3.8.4-2.el6",
"version_affected": "!"
},
{
"version_value": "0:1.6.6-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.0.35-11.el6",
"version_affected": "!"
},
{
"version_value": "0:1.8.0-36.el6",
"version_affected": "!"
},
{
"version_value": "0:3.3.1-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:8.70-15.el6_4.1",
"version_affected": "!"
},
{
"version_value": "0:1.4.22-5.el6op",
"version_affected": "!"
},
{
"version_value": "0:6.5.4.7-6.el6_2",
"version_affected": "!"
},
{
"version_value": "0:1.900.1-15.el6_1.1",
"version_affected": "!"
},
{
"version_value": "0:6.0.0.GA-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:6.0.0.GA-8.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.509.1-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.6.19-0.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.70-12.el6op",
"version_affected": "!"
},
{
"version_value": "0:3.2.1-4.el6",
"version_affected": "!"
},
{
"version_value": "0:1.19-1.el6",
"version_affected": "!"
},
{
"version_value": "0:2007e-11.el6",
"version_affected": "!"
},
{
"version_value": "0:0.37-7.2.el6_4",
"version_affected": "!"
},
{
"version_value": "0:2.5.8-10.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.6.20-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.1.16-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.6.1-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.3.0-3.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.3.5-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.0.3-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.4.1-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.0.1-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.0.2-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.4.22-4.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.7.6-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.9.1-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.4.8-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.4.10-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.4.7-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.9.8-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.8.6-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.4.5-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.3.7-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.4.8-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.4.9-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.2.7-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.9.3-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.9.2-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.9.9-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.6.4-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:3.0.3-4",
"version_affected": "!"
},
{
"version_value": "0:1.6.1-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.4008-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.31-6.1.el6",
"version_affected": "!"
},
{
"version_value": "0:0.08-3.1.el6",
"version_affected": "!"
},
{
"version_value": "0:3.0.17-5.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.09-9.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.7-5.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.13-2.1.el6",
"version_affected": "!"
},
{
"version_value": "0:0.31-3.1.el6",
"version_affected": "!"
},
{
"version_value": "0:0.7901-4.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.16004-3.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.1000-3.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.03-7.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.35-7.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.110-10.1.el6",
"version_affected": "!"
},
{
"version_value": "0:2.15-5.el6",
"version_affected": "!"
},
{
"version_value": "0:0.08-9.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.70-4.el6",
"version_affected": "!"
},
{
"version_value": "0:5.3.3-22.el6",
"version_affected": "!"
},
{
"version_value": "0:5.3.3-3.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.5.0-0.3.b3.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.5.0-0.1.b3.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.2.2-4.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.1.4-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.0.11-3.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.5.3-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.05-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:4.7.0-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.7-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.6.6-3.el6op",
"version_affected": "!"
},
{
"version_value": "1:1.8.5-10.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.1.0-8.el6",
"version_affected": "!"
},
{
"version_value": "0:3.0.1-7.el6",
"version_affected": "!"
},
{
"version_value": "0:4.0.3-5.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.1.0-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.0.10-4.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.3.0-8.el6",
"version_affected": "!"
},
{
"version_value": "0:1.0.7-7.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.6.16-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.4.1-7.el6",
"version_affected": "!"
},
{
"version_value": "0:0.0.2-7.el6",
"version_affected": "!"
},
{
"version_value": "0:1.7.3-1.el6",
"version_affected": "!"
},
{
"version_value": "0:0.0.1-8.el6",
"version_affected": "!"
},
{
"version_value": "0:0.12.10-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.12.2-4.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.11.0-2.el6",
"version_affected": "!"
},
{
"version_value": "0:2.11.1-1",
"version_affected": "!"
},
{
"version_value": "0:2.11.1-2",
"version_affected": "!"
},
{
"version_value": "0:1.3.1-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.3.1-3.el6op",
"version_affected": "!"
},
{
"version_value": "1:1.3.2-11.el6",
"version_affected": "!"
},
{
"version_value": "0:1.3.6-1.el6",
"version_affected": "!"
},
{
"version_value": "0:0.0.5-3.el6",
"version_affected": "!"
},
{
"version_value": "0:4.8.1-1.el6",
"version_affected": "!"
},
{
"version_value": "0:2.8.2-8.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.0.94-3.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.8.3-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.1.2-5.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.0.21-3.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.1.2-5.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.0.7-4.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.4.3.1-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.3.0-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.9.13-1.2.el6op",
"version_affected": "!"
},
{
"version_value": "0:3.0.5-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:3.0.17-2.el6op.1",
"version_affected": "!"
},
{
"version_value": "1:1.3.0-4.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.8.7-2.1.el6",
"version_affected": "!"
},
{
"version_value": "0:1.2.4-3.el6op",
"version_affected": "!"
},
{
"version_value": "0:3.8.4-3.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.0.4-6.el6op",
"version_affected": "!"
},
{
"version_value": "0:3.0.4-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.3.3-4.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.14.6-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.0.5-93.el6op",
"version_affected": "!"
},
{
"version_value": "0:4.3.3-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.8.2-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.13.1-6.el6op.1",
"version_affected": "!"
},
{
"version_value": "0:1.6.1-10.el6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb",
"refsource": "CONFIRM",
"url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb"
"url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb",
"refsource": "MISC",
"name": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb"
},
{
"name": "jenkins-cve20132033-xss(84004)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84004"
"url": "https://access.redhat.com/errata/RHEA-2013:1032",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHEA-2013:1032"
},
{
"name": "92982",
"refsource": "OSVDB",
"url": "http://osvdb.org/92982"
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-05-02",
"refsource": "MISC",
"name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-05-02"
},
{
"url": "http://osvdb.org/92982",
"refsource": "MISC",
"name": "http://osvdb.org/92982"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-2033",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-2033"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=958957",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=958957"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84004",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84004"
},
{
"url": "https://issues.jenkins-ci.org/browse/SECURITY-67",
"refsource": "MISC",
"name": "https://issues.jenkins-ci.org/browse/SECURITY-67"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
]
}

623
2013/2xxx/CVE-2013-2034.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2034",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Jenkins before 1.514, LTS before 1.509.1, and Enterprise 1.466.x before 1.466.14.1 and 1.480.x before 1.480.4.1 allow remote attackers to hijack the authentication of administrators for requests that (1) execute arbitrary code or (2) initiate deployment of binaries to a Maven repository via unspecified vectors."
"value": "CVE-2013-2034 Jenkins: Multiple CSRF in MavenAbstractArtifactRecord.doRedeploy and Jenkins.doEval"
}
]
},
@ -44,23 +21,599 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Cross-Site Request Forgery (CSRF)",
"cweId": "CWE-352"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "RHEL 6 Version of OpenShift Enterprise 1.2",
"version": {
"version_data": [
{
"version_value": "0:3.8.4-2.el6",
"version_affected": "!"
},
{
"version_value": "0:1.6.6-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.0.35-11.el6",
"version_affected": "!"
},
{
"version_value": "0:1.8.0-36.el6",
"version_affected": "!"
},
{
"version_value": "0:3.3.1-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:8.70-15.el6_4.1",
"version_affected": "!"
},
{
"version_value": "0:1.4.22-5.el6op",
"version_affected": "!"
},
{
"version_value": "0:6.5.4.7-6.el6_2",
"version_affected": "!"
},
{
"version_value": "0:1.900.1-15.el6_1.1",
"version_affected": "!"
},
{
"version_value": "0:6.0.0.GA-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:6.0.0.GA-8.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.509.1-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.6.19-0.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.70-12.el6op",
"version_affected": "!"
},
{
"version_value": "0:3.2.1-4.el6",
"version_affected": "!"
},
{
"version_value": "0:1.19-1.el6",
"version_affected": "!"
},
{
"version_value": "0:2007e-11.el6",
"version_affected": "!"
},
{
"version_value": "0:0.37-7.2.el6_4",
"version_affected": "!"
},
{
"version_value": "0:2.5.8-10.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.6.20-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.1.16-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.6.1-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.3.0-3.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.3.5-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.0.3-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.4.1-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.0.1-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.0.2-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.4.22-4.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.7.6-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.9.1-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.4.8-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.4.10-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.4.7-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.9.8-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.8.6-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.4.5-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.3.7-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.4.8-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.4.9-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.2.7-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.9.3-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.9.2-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.9.9-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.6.4-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:3.0.3-4",
"version_affected": "!"
},
{
"version_value": "0:1.6.1-1.1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.4008-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.31-6.1.el6",
"version_affected": "!"
},
{
"version_value": "0:0.08-3.1.el6",
"version_affected": "!"
},
{
"version_value": "0:3.0.17-5.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.09-9.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.7-5.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.13-2.1.el6",
"version_affected": "!"
},
{
"version_value": "0:0.31-3.1.el6",
"version_affected": "!"
},
{
"version_value": "0:0.7901-4.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.16004-3.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.1000-3.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.03-7.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.35-7.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.110-10.1.el6",
"version_affected": "!"
},
{
"version_value": "0:2.15-5.el6",
"version_affected": "!"
},
{
"version_value": "0:0.08-9.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.70-4.el6",
"version_affected": "!"
},
{
"version_value": "0:5.3.3-22.el6",
"version_affected": "!"
},
{
"version_value": "0:5.3.3-3.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.5.0-0.3.b3.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.5.0-0.1.b3.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.2.2-4.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.1.4-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.0.11-3.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.5.3-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.05-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:4.7.0-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.7-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.6.6-3.el6op",
"version_affected": "!"
},
{
"version_value": "1:1.8.5-10.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.1.0-8.el6",
"version_affected": "!"
},
{
"version_value": "0:3.0.1-7.el6",
"version_affected": "!"
},
{
"version_value": "0:4.0.3-5.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.1.0-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.0.10-4.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.3.0-8.el6",
"version_affected": "!"
},
{
"version_value": "0:1.0.7-7.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.6.16-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.4.1-7.el6",
"version_affected": "!"
},
{
"version_value": "0:0.0.2-7.el6",
"version_affected": "!"
},
{
"version_value": "0:1.7.3-1.el6",
"version_affected": "!"
},
{
"version_value": "0:0.0.1-8.el6",
"version_affected": "!"
},
{
"version_value": "0:0.12.10-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.12.2-4.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.11.0-2.el6",
"version_affected": "!"
},
{
"version_value": "0:2.11.1-1",
"version_affected": "!"
},
{
"version_value": "0:2.11.1-2",
"version_affected": "!"
},
{
"version_value": "0:1.3.1-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.3.1-3.el6op",
"version_affected": "!"
},
{
"version_value": "1:1.3.2-11.el6",
"version_affected": "!"
},
{
"version_value": "0:1.3.6-1.el6",
"version_affected": "!"
},
{
"version_value": "0:0.0.5-3.el6",
"version_affected": "!"
},
{
"version_value": "0:4.8.1-1.el6",
"version_affected": "!"
},
{
"version_value": "0:2.8.2-8.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.0.94-3.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.8.3-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.1.2-5.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.0.21-3.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.1.2-5.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.0.7-4.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.4.3.1-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.3.0-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.9.13-1.2.el6op",
"version_affected": "!"
},
{
"version_value": "0:3.0.5-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:3.0.17-2.el6op.1",
"version_affected": "!"
},
{
"version_value": "1:1.3.0-4.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.8.7-2.1.el6",
"version_affected": "!"
},
{
"version_value": "0:1.2.4-3.el6op",
"version_affected": "!"
},
{
"version_value": "0:3.8.4-3.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.0.4-6.el6op",
"version_affected": "!"
},
{
"version_value": "0:3.0.4-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.3.3-4.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.14.6-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.0.5-93.el6op",
"version_affected": "!"
},
{
"version_value": "0:4.3.3-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.8.2-2.el6op",
"version_affected": "!"
},
{
"version_value": "0:2.13.1-6.el6op.1",
"version_affected": "!"
},
{
"version_value": "0:1.6.1-10.el6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb",
"refsource": "CONFIRM",
"url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb"
"url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb",
"refsource": "MISC",
"name": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb"
},
{
"name": "92981",
"refsource": "OSVDB",
"url": "http://osvdb.org/92981"
"url": "https://access.redhat.com/errata/RHEA-2013:1032",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHEA-2013:1032"
},
{
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-05-02",
"refsource": "MISC",
"name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-05-02"
},
{
"url": "http://osvdb.org/92981",
"refsource": "MISC",
"name": "http://osvdb.org/92981"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-2034",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-2034"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=958958",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=958958"
},
{
"url": "https://issues.jenkins-ci.org/browse/SECURITY-63",
"refsource": "MISC",
"name": "https://issues.jenkins-ci.org/browse/SECURITY-63"
},
{
"url": "https://issues.jenkins-ci.org/browse/SECURITY-69",
"refsource": "MISC",
"name": "https://issues.jenkins-ci.org/browse/SECURITY-69"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
]
}

807
2013/2xxx/CVE-2013-2050.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2050",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the miq_policy controller in Red Hat CloudForms 2.0 Management Engine (CFME) 5.1 and ManageIQ Enterprise Virtualization Manager 5.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the profile[] parameter in an explorer action."
"value": "CVE-2013-2050 CloudForms Management Engine 2: miq_policy/explorer SQL injection"
}
]
},
@ -44,38 +21,782 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "CloudForms Management Engine 5.x",
"version": {
"version_data": [
{
"version_value": "0:5.2.0.37-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.0-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.12-11.el6cf",
"version_affected": "!"
},
{
"version_value": "0:B.02.16-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:4.0P1-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:9.2.3-5.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1-12.el6",
"version_affected": "!"
},
{
"version_value": "0:9.2.4-7.el6",
"version_affected": "!"
},
{
"version_value": "0:9.0r2-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.5.3-7.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1-11.el6",
"version_affected": "!"
},
{
"version_value": "0:0.1.4-5.el6",
"version_affected": "!"
},
{
"version_value": "0:1.9.3.448-38.el6",
"version_affected": "!"
},
{
"version_value": "1:3.2.13-3.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.2.13-4.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.1.0-3.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.2.13-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.1.9-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.1.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.2.8-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2.5-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.0.2-3.el6",
"version_affected": "!"
},
{
"version_value": "0:4.9.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.11.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.0.1-7.el6",
"version_affected": "!"
},
{
"version_value": "0:1.0.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.0.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.0.0-3.el6",
"version_affected": "!"
},
{
"version_value": "0:4.6.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.3.5-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.3.0-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.1.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.3.9-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.3.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.0.29-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.3.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.4.1-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.9-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.2.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.7-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.3-1.el6",
"version_affected": "!"
},
{
"version_value": "0:0.1.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.7.0-4.el6",
"version_affected": "!"
},
{
"version_value": "0:0.25.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.7-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.5-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:4.1.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.5.5-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.3.1-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.3.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.2.3-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.14.0-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.2.4-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.4.6-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:4.0.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.4-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.2.5-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.6.19-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2.1-3.el6",
"version_affected": "!"
},
{
"version_value": "0:0.7.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.4.0-7.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.12.3-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.10.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.2.7-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.6.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.0.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2.6-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.1.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.4-2.el6",
"version_affected": "!"
},
{
"version_value": "0:1.8.0-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.8.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.2.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.5.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.8-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.6.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.5.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:4.7.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:6.5.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.0.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.20.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.2.0-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.7.7-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.5.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.7-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.2.20110317223538-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.5.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.7.7-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.0.5-7.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.6.5-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.5.6-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.4-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.3.0-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.5.21-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.12.2-5.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.4.0-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.3.3-2.el6",
"version_affected": "!"
},
{
"version_value": "0:0.11.0-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.2.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.20.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "1:1.4.5-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2-2.el6",
"version_affected": "!"
},
{
"version_value": "0:1.3.2-7.el6",
"version_affected": "!"
},
{
"version_value": "0:0.6.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.2.13-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.13.8-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:10.1.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.8.3-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.0.17-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2.3-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.12.2-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.3.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.0-3.el6",
"version_affected": "!"
},
{
"version_value": "0:1.6.7-5.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.2.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.12.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.12.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.12.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.0.6-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.0.4-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.9-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.1.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.4.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.13.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.0.10-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2.0-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.1.0-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.9.5-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.0.19-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.7.0-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.1.20-3.el6",
"version_affected": "!"
},
{
"version_value": "0:2.32.1-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:4.2.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.3.4-7.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.7.1-6.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.7.1-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.2.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.0.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2.3-8.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.3.9-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.0-6.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.6.0-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.4.5-2.el6",
"version_affected": "!"
},
{
"version_value": "0:1.3.6-2.el6",
"version_affected": "!"
},
{
"version_value": "0:1.1.2-8.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.0-8.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.6.5-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.4.5-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.10.0-7.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.4.5-5.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.11.0-0.6.beta5.el6",
"version_affected": "!"
},
{
"version_value": "0:1.3.1-5.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.18.1-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.3.3-10.el6",
"version_affected": "!"
},
{
"version_value": "0:0.5.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.4.0-5.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.4.10-6.el6",
"version_affected": "!"
},
{
"version_value": "0:1.16.2-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.3.33-2.el6",
"version_affected": "!"
},
{
"version_value": "0:2.1.3-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.4.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.5.1-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.11.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.12-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.3.0-2.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.14.5.10-1.1.el6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/124609/cfme_manageiq_evm_pass_reset.rb.txt",
"url": "https://access.redhat.com/errata/RHEA-2013:1487",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/124609/cfme_manageiq_evm_pass_reset.rb.txt"
"name": "https://access.redhat.com/errata/RHEA-2013:1487"
},
{
"name": "56181",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56181"
"url": "http://packetstormsecurity.com/files/124609/cfme_manageiq_evm_pass_reset.rb.txt",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/124609/cfme_manageiq_evm_pass_reset.rb.txt"
},
{
"name": "64524",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64524"
"url": "http://secunia.com/advisories/56181",
"refsource": "MISC",
"name": "http://secunia.com/advisories/56181"
},
{
"name": "cloudforms-cve20132050-sql-injection(89984)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89984"
"url": "http://www.securityfocus.com/bid/64524",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/64524"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=959062",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=959062"
"url": "https://access.redhat.com/security/cve/CVE-2013-2050",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-2050"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=959062",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=959062"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89984",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89984"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

148
2013/2xxx/CVE-2013-2053.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2053",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the atodn function in Openswan before 2.6.39, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2052 and CVE-2013-2054."
"value": "CVE-2013-2053 Openswan: remote buffer overflow in atodn()"
}
]
},
@ -44,48 +21,119 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-5.el5_9",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-20.el6_4",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.openswan.org/news/13",
"refsource": "CONFIRM",
"url": "https://www.openswan.org/news/13"
"url": "https://lists.libreswan.org/pipermail/swan-announce/2013/000003.html",
"refsource": "MISC",
"name": "https://lists.libreswan.org/pipermail/swan-announce/2013/000003.html"
},
{
"name": "SUSE-SU-2013:1150",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00008.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00008.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00008.html"
},
{
"name": "RHSA-2013:0827",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0827.html"
"url": "http://rhn.redhat.com/errata/RHSA-2013-0827.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0827.html"
},
{
"name": "59838",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/59838"
"url": "http://www.debian.org/security/2014/dsa-2893",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-2893"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=960229",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=960229"
"url": "http://www.securityfocus.com/bid/59838",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/59838"
},
{
"name": "[Swan-announce] 20130514 CVE-2013-2052: Libreswan remote buffer overflow in atodn()",
"refsource": "MLIST",
"url": "https://lists.libreswan.org/pipermail/swan-announce/2013/000003.html"
"url": "https://access.redhat.com/errata/RHSA-2013:0827",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0827"
},
{
"name": "DSA-2893",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2893"
"url": "https://access.redhat.com/security/cve/CVE-2013-2053",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-2053"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=960229",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=960229"
},
{
"url": "https://www.openswan.org/news/13",
"refsource": "MISC",
"name": "https://www.openswan.org/news/13"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}

413
2013/2xxx/CVE-2013-2094.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2094",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call."
"value": "CVE-2013-2094 kernel: perf_swevent_enabled array out-of-bound access"
}
]
},
@ -44,158 +21,282 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-358.6.2.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.1 EUS - Server Only",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-131.39.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.2 EUS - Server and Compute Node Only",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-220.34.2.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.3 EUS - Server and Compute Node Only",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-279.25.2.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "0:3.6.11.2-rt33.39.el6rt",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2013:0847",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html"
},
{
"name": "MDVSA-2013:176",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:176"
},
{
"name": "[linux-kernel] 20130413 Re: sw_perf_event_destroy() oops while fuzzing",
"refsource": "MLIST",
"url": "http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/04302.html"
},
{
"name": "[linux-kernel] 20130412 sw_perf_event_destroy() oops while fuzzing",
"refsource": "MLIST",
"url": "http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/03652.html"
},
{
"name": "[CentOS-announce] 20130517 CESA-2013:0830 Important CentOS 6 kernel Update",
"refsource": "MLIST",
"url": "http://lists.centos.org/pipermail/centos-announce/2013-May/019733.html"
},
{
"name": "USN-1826-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1826-1"
},
{
"name": "[linux-kernel] 20130412 Re: sw_perf_event_destroy() oops while fuzzing",
"refsource": "MLIST",
"url": "http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/03976.html"
},
{
"name": "USN-1838-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1838-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=962792",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=962792"
},
{
"name": "https://github.com/torvalds/linux/commit/8176cced706b5e5d15887584150764894e94e02f",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/8176cced706b5e5d15887584150764894e94e02f"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9"
},
{
"name": "USN-1828-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1828-1"
},
{
"name": "[CentOS-announce] 20130515 CentOS-6 CVE-2013-2094 Kernel Issue",
"refsource": "MLIST",
"url": "http://lists.centos.org/pipermail/centos-announce/2013-May/019729.html"
},
{
"name": "USN-1827-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1827-1"
},
{
"name": "USN-1836-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1836-1"
},
{
"name": "93361",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/93361"
},
{
"name": "33589",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/33589"
},
{
"name": "RHSA-2013:0830",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0830.html"
},
{
"name": "http://news.ycombinator.com/item?id=5703758",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9",
"refsource": "MISC",
"url": "http://news.ycombinator.com/item?id=5703758"
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9"
},
{
"name": "[oss-security] 20130514 Re: CVE Request: linux kernel perf out-of-bounds access",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/05/14/6"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8176cced706b5e5d15887584150764894e94e02f",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8176cced706b5e5d15887584150764894e94e02f"
},
{
"name": "SUSE-SU-2013:0819",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00008.html"
},
{
"name": "http://packetstormsecurity.com/files/121616/semtex.c",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/121616/semtex.c"
"name": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"
},
{
"name": "openSUSE-SU-2013:0925",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"
},
{
"name": "http://twitter.com/djrbliss/statuses/334301992648331267",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:176",
"refsource": "MISC",
"url": "http://twitter.com/djrbliss/statuses/334301992648331267"
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:176"
},
{
"name": "http://www.reddit.com/r/netsec/comments/1eb9iw",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html",
"refsource": "MISC",
"url": "http://www.reddit.com/r/netsec/comments/1eb9iw"
"name": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html"
},
{
"name": "openSUSE-SU-2013:1042",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html"
"url": "https://access.redhat.com/errata/RHSA-2013:0829",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0829"
},
{
"name": "USN-1825-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1825-1"
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00009.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00009.html"
},
{
"name": "openSUSE-SU-2013:0951",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00009.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html"
},
{
"url": "http://www.ubuntu.com/usn/USN-1836-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1836-1"
},
{
"url": "http://www.ubuntu.com/usn/USN-1838-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1838-1"
},
{
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8176cced706b5e5d15887584150764894e94e02f",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8176cced706b5e5d15887584150764894e94e02f"
},
{
"url": "http://lists.centos.org/pipermail/centos-announce/2013-May/019729.html",
"refsource": "MISC",
"name": "http://lists.centos.org/pipermail/centos-announce/2013-May/019729.html"
},
{
"url": "http://lists.centos.org/pipermail/centos-announce/2013-May/019733.html",
"refsource": "MISC",
"name": "http://lists.centos.org/pipermail/centos-announce/2013-May/019733.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00008.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00008.html"
},
{
"url": "http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/03652.html",
"refsource": "MISC",
"name": "http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/03652.html"
},
{
"url": "http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/03976.html",
"refsource": "MISC",
"name": "http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/03976.html"
},
{
"url": "http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/04302.html",
"refsource": "MISC",
"name": "http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/04302.html"
},
{
"url": "http://news.ycombinator.com/item?id=5703758",
"refsource": "MISC",
"name": "http://news.ycombinator.com/item?id=5703758"
},
{
"url": "http://packetstormsecurity.com/files/121616/semtex.c",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/121616/semtex.c"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0830.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0830.html"
},
{
"url": "http://twitter.com/djrbliss/statuses/334301992648331267",
"refsource": "MISC",
"name": "http://twitter.com/djrbliss/statuses/334301992648331267"
},
{
"url": "http://www.exploit-db.com/exploits/33589",
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/33589"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/05/14/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/05/14/6"
},
{
"url": "http://www.osvdb.org/93361",
"refsource": "MISC",
"name": "http://www.osvdb.org/93361"
},
{
"url": "http://www.reddit.com/r/netsec/comments/1eb9iw",
"refsource": "MISC",
"name": "http://www.reddit.com/r/netsec/comments/1eb9iw"
},
{
"url": "http://www.ubuntu.com/usn/USN-1825-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1825-1"
},
{
"url": "http://www.ubuntu.com/usn/USN-1826-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1826-1"
},
{
"url": "http://www.ubuntu.com/usn/USN-1827-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1827-1"
},
{
"url": "http://www.ubuntu.com/usn/USN-1828-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1828-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0830",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0830"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0832",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0832"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0840",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0840"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0841",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0841"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-2094",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-2094"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=962792",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=962792"
},
{
"url": "https://github.com/torvalds/linux/commit/8176cced706b5e5d15887584150764894e94e02f",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/8176cced706b5e5d15887584150764894e94e02f"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}

1793
2013/2xxx/CVE-2013-2099.json
View File

File diff suppressed because it is too large Load Diff

1380
2013/2xxx/CVE-2013-2101.json
View File

File diff suppressed because it is too large Load Diff