From 4df42e7af3d306dc61b3cf846b50c26959a8bb12 Mon Sep 17 00:00:00 2001 From: MSRC Date: Mon, 8 Apr 2019 15:01:04 -0700 Subject: [PATCH] March Patch Tuesday Batch 3 --- 2019/0xxx/CVE-2019-0697.json | 81 ++++++++++++++++---- 2019/0xxx/CVE-2019-0698.json | 81 ++++++++++++++++---- 2019/0xxx/CVE-2019-0701.json | 77 +++++++++++++++---- 2019/0xxx/CVE-2019-0702.json | 110 ++++++++++++++++++++++++---- 2019/0xxx/CVE-2019-0703.json | 110 ++++++++++++++++++++++++---- 2019/0xxx/CVE-2019-0704.json | 110 ++++++++++++++++++++++++---- 2019/0xxx/CVE-2019-0726.json | 81 ++++++++++++++++---- 2019/0xxx/CVE-2019-0746.json | 138 +++++++++++++++++++++++++++++++---- 2019/0xxx/CVE-2019-0748.json | 67 +++++++++++++---- 2019/0xxx/CVE-2019-0754.json | 110 ++++++++++++++++++++++++---- 2019/0xxx/CVE-2019-0755.json | 110 ++++++++++++++++++++++++---- 11 files changed, 932 insertions(+), 143 deletions(-) diff --git a/2019/0xxx/CVE-2019-0697.json b/2019/0xxx/CVE-2019-0697.json index 9b715fe5b31..7075ca8a976 100644 --- a/2019/0xxx/CVE-2019-0697.json +++ b/2019/0xxx/CVE-2019-0697.json @@ -1,18 +1,73 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0697", - "STATE": "RESERVED" + "data_type" : "CVE", + "data_format" : "MITRE", + "data_version" : "4.0", + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0697", + "STATE" : "PUBLIC" }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } + "product" : { + "product_data" : [ + { +"product_name" : "Windows", + "version" : { + "version_data" : [ + {"version_value" : "10 Version 1803 for 32-bit Systems"}, +{"version_value" : "10 Version 1803 for x64-based Systems"}, +{"version_value" : "10 Version 1803 for ARM64-based Systems"}, +{"version_value" : "10 Version 1809 for 32-bit Systems"}, +{"version_value" : "10 Version 1809 for x64-based Systems"}, +{"version_value" : "10 Version 1809 for ARM64-based Systems"} ] } -} \ No newline at end of file +}, +{ +"product_name" : "Windows Server", + "version" : { + "version_data" : [ + {"version_value" : "version 1803 (Core Installation)"}, +{"version_value" : "2019"}, +{"version_value" : "2019 (Core installation)"} + ] + } +} + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka 'Windows DHCP Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0698, CVE-2019-0726." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0697" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0698.json b/2019/0xxx/CVE-2019-0698.json index 6dbf463a564..720a0ccda04 100644 --- a/2019/0xxx/CVE-2019-0698.json +++ b/2019/0xxx/CVE-2019-0698.json @@ -1,18 +1,73 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0698", - "STATE": "RESERVED" + "data_type" : "CVE", + "data_format" : "MITRE", + "data_version" : "4.0", + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0698", + "STATE" : "PUBLIC" }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } + "product" : { + "product_data" : [ + { +"product_name" : "Windows", + "version" : { + "version_data" : [ + {"version_value" : "10 Version 1803 for 32-bit Systems"}, +{"version_value" : "10 Version 1803 for x64-based Systems"}, +{"version_value" : "10 Version 1803 for ARM64-based Systems"}, +{"version_value" : "10 Version 1809 for 32-bit Systems"}, +{"version_value" : "10 Version 1809 for x64-based Systems"}, +{"version_value" : "10 Version 1809 for ARM64-based Systems"} ] } -} \ No newline at end of file +}, +{ +"product_name" : "Windows Server", + "version" : { + "version_data" : [ + {"version_value" : "version 1803 (Core Installation)"}, +{"version_value" : "2019"}, +{"version_value" : "2019 (Core installation)"} + ] + } +} + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka 'Windows DHCP Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0697, CVE-2019-0726." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0698" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0701.json b/2019/0xxx/CVE-2019-0701.json index 1d46c59cdc7..2d0738260cc 100644 --- a/2019/0xxx/CVE-2019-0701.json +++ b/2019/0xxx/CVE-2019-0701.json @@ -1,18 +1,69 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0701", - "STATE": "RESERVED" + "data_type" : "CVE", + "data_format" : "MITRE", + "data_version" : "4.0", + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0701", + "STATE" : "PUBLIC" }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } + "product" : { + "product_data" : [ + { +"product_name" : "Windows", + "version" : { + "version_data" : [ + {"version_value" : "10 Version 1803 for x64-based Systems"}, +{"version_value" : "10 Version 1809 for x64-based Systems"} ] } -} \ No newline at end of file +}, +{ +"product_name" : "Windows Server", + "version" : { + "version_data" : [ + {"version_value" : "version 1803 (Core Installation)"}, +{"version_value" : "2019"}, +{"version_value" : "2019 (Core installation)"} + ] + } +} + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0690, CVE-2019-0695." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Denial of Service" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0701" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0702.json b/2019/0xxx/CVE-2019-0702.json index 87fe16425f0..2937da054e7 100644 --- a/2019/0xxx/CVE-2019-0702.json +++ b/2019/0xxx/CVE-2019-0702.json @@ -1,18 +1,102 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0702", - "STATE": "RESERVED" + "data_type" : "CVE", + "data_format" : "MITRE", + "data_version" : "4.0", + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0702", + "STATE" : "PUBLIC" }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } + "product" : { + "product_data" : [ + { +"product_name" : "Windows", + "version" : { + "version_data" : [ + {"version_value" : "7 for 32-bit Systems Service Pack 1"}, +{"version_value" : "7 for x64-based Systems Service Pack 1"}, +{"version_value" : "8.1 for 32-bit systems"}, +{"version_value" : "8.1 for x64-based systems"}, +{"version_value" : "RT 8.1"}, +{"version_value" : "10 for 32-bit Systems"}, +{"version_value" : "10 for x64-based Systems"}, +{"version_value" : "10 Version 1607 for 32-bit Systems"}, +{"version_value" : "10 Version 1607 for x64-based Systems"}, +{"version_value" : "10 Version 1703 for 32-bit Systems"}, +{"version_value" : "10 Version 1703 for x64-based Systems"}, +{"version_value" : "10 Version 1709 for 32-bit Systems"}, +{"version_value" : "10 Version 1709 for x64-based Systems"}, +{"version_value" : "10 Version 1803 for 32-bit Systems"}, +{"version_value" : "10 Version 1803 for x64-based Systems"}, +{"version_value" : "10 Version 1803 for ARM64-based Systems"}, +{"version_value" : "10 Version 1809 for 32-bit Systems"}, +{"version_value" : "10 Version 1809 for x64-based Systems"}, +{"version_value" : "10 Version 1809 for ARM64-based Systems"}, +{"version_value" : "10 Version 1709 for ARM64-based Systems"} ] } -} \ No newline at end of file +}, +{ +"product_name" : "Windows Server", + "version" : { + "version_data" : [ + {"version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"}, +{"version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1"}, +{"version_value" : "2008 R2 for x64-based Systems Service Pack 1"}, +{"version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)"}, +{"version_value" : "2012"}, +{"version_value" : "2012 (Core installation)"}, +{"version_value" : "2012 R2"}, +{"version_value" : "2012 R2 (Core installation)"}, +{"version_value" : "2016"}, +{"version_value" : "2016 (Core installation)"}, +{"version_value" : "version 1709 (Core Installation)"}, +{"version_value" : "version 1803 (Core Installation)"}, +{"version_value" : "2019"}, +{"version_value" : "2019 (Core installation)"}, +{"version_value" : "2008 for Itanium-Based Systems Service Pack 2"}, +{"version_value" : "2008 for 32-bit Systems Service Pack 2"}, +{"version_value" : "2008 for x64-based Systems Service Pack 2"}, +{"version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)"} + ] + } +} + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0755, CVE-2019-0767, CVE-2019-0775, CVE-2019-0782." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0702" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0703.json b/2019/0xxx/CVE-2019-0703.json index 0b3dadeecd4..2efcc6c4331 100644 --- a/2019/0xxx/CVE-2019-0703.json +++ b/2019/0xxx/CVE-2019-0703.json @@ -1,18 +1,102 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0703", - "STATE": "RESERVED" + "data_type" : "CVE", + "data_format" : "MITRE", + "data_version" : "4.0", + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0703", + "STATE" : "PUBLIC" }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } + "product" : { + "product_data" : [ + { +"product_name" : "Windows", + "version" : { + "version_data" : [ + {"version_value" : "7 for 32-bit Systems Service Pack 1"}, +{"version_value" : "7 for x64-based Systems Service Pack 1"}, +{"version_value" : "8.1 for 32-bit systems"}, +{"version_value" : "8.1 for x64-based systems"}, +{"version_value" : "RT 8.1"}, +{"version_value" : "10 for 32-bit Systems"}, +{"version_value" : "10 for x64-based Systems"}, +{"version_value" : "10 Version 1607 for 32-bit Systems"}, +{"version_value" : "10 Version 1607 for x64-based Systems"}, +{"version_value" : "10 Version 1703 for 32-bit Systems"}, +{"version_value" : "10 Version 1703 for x64-based Systems"}, +{"version_value" : "10 Version 1709 for 32-bit Systems"}, +{"version_value" : "10 Version 1709 for x64-based Systems"}, +{"version_value" : "10 Version 1803 for 32-bit Systems"}, +{"version_value" : "10 Version 1803 for x64-based Systems"}, +{"version_value" : "10 Version 1803 for ARM64-based Systems"}, +{"version_value" : "10 Version 1809 for 32-bit Systems"}, +{"version_value" : "10 Version 1809 for x64-based Systems"}, +{"version_value" : "10 Version 1809 for ARM64-based Systems"}, +{"version_value" : "10 Version 1709 for ARM64-based Systems"} ] } -} \ No newline at end of file +}, +{ +"product_name" : "Windows Server", + "version" : { + "version_data" : [ + {"version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"}, +{"version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1"}, +{"version_value" : "2008 R2 for x64-based Systems Service Pack 1"}, +{"version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)"}, +{"version_value" : "2012"}, +{"version_value" : "2012 (Core installation)"}, +{"version_value" : "2012 R2"}, +{"version_value" : "2012 R2 (Core installation)"}, +{"version_value" : "2016"}, +{"version_value" : "2016 (Core installation)"}, +{"version_value" : "version 1709 (Core Installation)"}, +{"version_value" : "version 1803 (Core Installation)"}, +{"version_value" : "2019"}, +{"version_value" : "2019 (Core installation)"}, +{"version_value" : "2008 for Itanium-Based Systems Service Pack 2"}, +{"version_value" : "2008 for 32-bit Systems Service Pack 2"}, +{"version_value" : "2008 for x64-based Systems Service Pack 2"}, +{"version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)"} + ] + } +} + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0704, CVE-2019-0821." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0703" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0704.json b/2019/0xxx/CVE-2019-0704.json index 08618938e47..31d8e29e29d 100644 --- a/2019/0xxx/CVE-2019-0704.json +++ b/2019/0xxx/CVE-2019-0704.json @@ -1,18 +1,102 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0704", - "STATE": "RESERVED" + "data_type" : "CVE", + "data_format" : "MITRE", + "data_version" : "4.0", + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0704", + "STATE" : "PUBLIC" }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } + "product" : { + "product_data" : [ + { +"product_name" : "Windows", + "version" : { + "version_data" : [ + {"version_value" : "7 for 32-bit Systems Service Pack 1"}, +{"version_value" : "7 for x64-based Systems Service Pack 1"}, +{"version_value" : "8.1 for 32-bit systems"}, +{"version_value" : "8.1 for x64-based systems"}, +{"version_value" : "RT 8.1"}, +{"version_value" : "10 for 32-bit Systems"}, +{"version_value" : "10 for x64-based Systems"}, +{"version_value" : "10 Version 1607 for 32-bit Systems"}, +{"version_value" : "10 Version 1607 for x64-based Systems"}, +{"version_value" : "10 Version 1703 for 32-bit Systems"}, +{"version_value" : "10 Version 1703 for x64-based Systems"}, +{"version_value" : "10 Version 1709 for 32-bit Systems"}, +{"version_value" : "10 Version 1709 for x64-based Systems"}, +{"version_value" : "10 Version 1803 for 32-bit Systems"}, +{"version_value" : "10 Version 1803 for x64-based Systems"}, +{"version_value" : "10 Version 1803 for ARM64-based Systems"}, +{"version_value" : "10 Version 1809 for 32-bit Systems"}, +{"version_value" : "10 Version 1809 for x64-based Systems"}, +{"version_value" : "10 Version 1809 for ARM64-based Systems"}, +{"version_value" : "10 Version 1709 for ARM64-based Systems"} ] } -} \ No newline at end of file +}, +{ +"product_name" : "Windows Server", + "version" : { + "version_data" : [ + {"version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"}, +{"version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1"}, +{"version_value" : "2008 R2 for x64-based Systems Service Pack 1"}, +{"version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)"}, +{"version_value" : "2012"}, +{"version_value" : "2012 (Core installation)"}, +{"version_value" : "2012 R2"}, +{"version_value" : "2012 R2 (Core installation)"}, +{"version_value" : "2016"}, +{"version_value" : "2016 (Core installation)"}, +{"version_value" : "version 1709 (Core Installation)"}, +{"version_value" : "version 1803 (Core Installation)"}, +{"version_value" : "2019"}, +{"version_value" : "2019 (Core installation)"}, +{"version_value" : "2008 for Itanium-Based Systems Service Pack 2"}, +{"version_value" : "2008 for 32-bit Systems Service Pack 2"}, +{"version_value" : "2008 for x64-based Systems Service Pack 2"}, +{"version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)"} + ] + } +} + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0703, CVE-2019-0821." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0704" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0726.json b/2019/0xxx/CVE-2019-0726.json index d84974b8e9a..0f4a9a6e7f3 100644 --- a/2019/0xxx/CVE-2019-0726.json +++ b/2019/0xxx/CVE-2019-0726.json @@ -1,18 +1,73 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0726", - "STATE": "RESERVED" + "data_type" : "CVE", + "data_format" : "MITRE", + "data_version" : "4.0", + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0726", + "STATE" : "PUBLIC" }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } + "product" : { + "product_data" : [ + { +"product_name" : "Windows", + "version" : { + "version_data" : [ + {"version_value" : "10 Version 1803 for 32-bit Systems"}, +{"version_value" : "10 Version 1803 for x64-based Systems"}, +{"version_value" : "10 Version 1803 for ARM64-based Systems"}, +{"version_value" : "10 Version 1809 for 32-bit Systems"}, +{"version_value" : "10 Version 1809 for x64-based Systems"}, +{"version_value" : "10 Version 1809 for ARM64-based Systems"} ] } -} \ No newline at end of file +}, +{ +"product_name" : "Windows Server", + "version" : { + "version_data" : [ + {"version_value" : "version 1803 (Core Installation)"}, +{"version_value" : "2019"}, +{"version_value" : "2019 (Core installation)"} + ] + } +} + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka 'Windows DHCP Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0697, CVE-2019-0698." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0726" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0746.json b/2019/0xxx/CVE-2019-0746.json index c0ff632282e..6142bc85318 100644 --- a/2019/0xxx/CVE-2019-0746.json +++ b/2019/0xxx/CVE-2019-0746.json @@ -1,18 +1,130 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0746", - "STATE": "RESERVED" + "data_type" : "CVE", + "data_format" : "MITRE", + "data_version" : "4.0", + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0746", + "STATE" : "PUBLIC" }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } + "product" : { + "product_data" : [ + { +"product_name" : "Internet Explorer 9", + "version" : { + "version_data" : [ + {"version_value" : "Windows Server 2008 for 32-bit Systems Service Pack 2"}, +{"version_value" : "Windows Server 2008 for x64-based Systems Service Pack 2"} ] } -} \ No newline at end of file +}, +{ +"product_name" : "Internet Explorer 11", + "version" : { + "version_data" : [ + {"version_value" : "Windows 7 for 32-bit Systems Service Pack 1"}, +{"version_value" : "Windows 7 for x64-based Systems Service Pack 1"}, +{"version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1"}, +{"version_value" : "Windows 8.1 for 32-bit systems"}, +{"version_value" : "Windows 8.1 for x64-based systems"}, +{"version_value" : "Windows Server 2012 R2"}, +{"version_value" : "Windows RT 8.1"}, +{"version_value" : "Windows 10 for 32-bit Systems"}, +{"version_value" : "Windows 10 for x64-based Systems"}, +{"version_value" : "Windows Server 2016"}, +{"version_value" : "Windows 10 Version 1607 for 32-bit Systems"}, +{"version_value" : "Windows 10 Version 1607 for x64-based Systems"}, +{"version_value" : "Windows 10 Version 1703 for 32-bit Systems"}, +{"version_value" : "Windows 10 Version 1703 for x64-based Systems"}, +{"version_value" : "Windows 10 Version 1709 for 32-bit Systems"}, +{"version_value" : "Windows 10 Version 1709 for x64-based Systems"}, +{"version_value" : "Windows 10 Version 1803 for 32-bit Systems"}, +{"version_value" : "Windows 10 Version 1803 for x64-based Systems"}, +{"version_value" : "Windows 10 Version 1803 for ARM64-based Systems"}, +{"version_value" : "Windows 10 Version 1809 for 32-bit Systems"}, +{"version_value" : "Windows 10 Version 1809 for x64-based Systems"}, +{"version_value" : "Windows 10 Version 1809 for ARM64-based Systems"}, +{"version_value" : "Windows Server 2019"}, +{"version_value" : "Windows 10 Version 1709 for ARM64-based Systems"} + ] + } +}, +{ +"product_name" : "Internet Explorer 10", + "version" : { + "version_data" : [ + {"version_value" : "Windows Server 2012"} + ] + } +}, +{ +"product_name" : "Microsoft Edge", + "version" : { + "version_data" : [ + {"version_value" : "Windows 10 for 32-bit Systems"}, +{"version_value" : "Windows 10 for x64-based Systems"}, +{"version_value" : "Windows Server 2016"}, +{"version_value" : "Windows 10 Version 1607 for 32-bit Systems"}, +{"version_value" : "Windows 10 Version 1607 for x64-based Systems"}, +{"version_value" : "Windows 10 Version 1703 for 32-bit Systems"}, +{"version_value" : "Windows 10 Version 1703 for x64-based Systems"}, +{"version_value" : "Windows 10 Version 1709 for 32-bit Systems"}, +{"version_value" : "Windows 10 Version 1709 for x64-based Systems"}, +{"version_value" : "Windows 10 Version 1803 for 32-bit Systems"}, +{"version_value" : "Windows 10 Version 1803 for x64-based Systems"}, +{"version_value" : "Windows 10 Version 1803 for ARM64-based Systems"}, +{"version_value" : "Windows 10 Version 1809 for 32-bit Systems"}, +{"version_value" : "Windows 10 Version 1809 for x64-based Systems"}, +{"version_value" : "Windows 10 Version 1809 for ARM64-based Systems"}, +{"version_value" : "Windows Server 2019"}, +{"version_value" : "Windows 10 Version 1709 for ARM64-based Systems"} + ] + } +}, +{ +"product_name" : "ChakraCore", + "version" : { + "version_data" : [ + {"version_value" : ""} + ] + } +} + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0746" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0748.json b/2019/0xxx/CVE-2019-0748.json index ebd82d4887b..c7b2558b3dd 100644 --- a/2019/0xxx/CVE-2019-0748.json +++ b/2019/0xxx/CVE-2019-0748.json @@ -1,18 +1,59 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0748", - "STATE": "RESERVED" + "data_type" : "CVE", + "data_format" : "MITRE", + "data_version" : "4.0", + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0748", + "STATE" : "PUBLIC" }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } + "product" : { + "product_data" : [ + { +"product_name" : "Microsoft Office", + "version" : { + "version_data" : [ + {"version_value" : "2010 Service Pack 2 (32-bit editions)"}, +{"version_value" : "2010 Service Pack 2 (64-bit editions)"} ] } -} \ No newline at end of file +} + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Remote Code Execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0748" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0754.json b/2019/0xxx/CVE-2019-0754.json index 510b9da3c74..30042063ae9 100644 --- a/2019/0xxx/CVE-2019-0754.json +++ b/2019/0xxx/CVE-2019-0754.json @@ -1,18 +1,102 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0754", - "STATE": "RESERVED" + "data_type" : "CVE", + "data_format" : "MITRE", + "data_version" : "4.0", + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0754", + "STATE" : "PUBLIC" }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } + "product" : { + "product_data" : [ + { +"product_name" : "Windows", + "version" : { + "version_data" : [ + {"version_value" : "7 for 32-bit Systems Service Pack 1"}, +{"version_value" : "7 for x64-based Systems Service Pack 1"}, +{"version_value" : "8.1 for 32-bit systems"}, +{"version_value" : "8.1 for x64-based systems"}, +{"version_value" : "RT 8.1"}, +{"version_value" : "10 for 32-bit Systems"}, +{"version_value" : "10 for x64-based Systems"}, +{"version_value" : "10 Version 1607 for 32-bit Systems"}, +{"version_value" : "10 Version 1607 for x64-based Systems"}, +{"version_value" : "10 Version 1703 for 32-bit Systems"}, +{"version_value" : "10 Version 1703 for x64-based Systems"}, +{"version_value" : "10 Version 1709 for 32-bit Systems"}, +{"version_value" : "10 Version 1709 for x64-based Systems"}, +{"version_value" : "10 Version 1803 for 32-bit Systems"}, +{"version_value" : "10 Version 1803 for x64-based Systems"}, +{"version_value" : "10 Version 1803 for ARM64-based Systems"}, +{"version_value" : "10 Version 1809 for 32-bit Systems"}, +{"version_value" : "10 Version 1809 for x64-based Systems"}, +{"version_value" : "10 Version 1809 for ARM64-based Systems"}, +{"version_value" : "10 Version 1709 for ARM64-based Systems"} ] } -} \ No newline at end of file +}, +{ +"product_name" : "Windows Server", + "version" : { + "version_data" : [ + {"version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"}, +{"version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1"}, +{"version_value" : "2008 R2 for x64-based Systems Service Pack 1"}, +{"version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)"}, +{"version_value" : "2012"}, +{"version_value" : "2012 (Core installation)"}, +{"version_value" : "2012 R2"}, +{"version_value" : "2012 R2 (Core installation)"}, +{"version_value" : "2016"}, +{"version_value" : "2016 (Core installation)"}, +{"version_value" : "version 1709 (Core Installation)"}, +{"version_value" : "version 1803 (Core Installation)"}, +{"version_value" : "2019"}, +{"version_value" : "2019 (Core installation)"}, +{"version_value" : "2008 for Itanium-Based Systems Service Pack 2"}, +{"version_value" : "2008 for 32-bit Systems Service Pack 2"}, +{"version_value" : "2008 for x64-based Systems Service Pack 2"}, +{"version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)"} + ] + } +} + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Denial of Service" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0754" + } + ] + } +} diff --git a/2019/0xxx/CVE-2019-0755.json b/2019/0xxx/CVE-2019-0755.json index 6bed4f09694..4ba1b9624ec 100644 --- a/2019/0xxx/CVE-2019-0755.json +++ b/2019/0xxx/CVE-2019-0755.json @@ -1,18 +1,102 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0755", - "STATE": "RESERVED" + "data_type" : "CVE", + "data_format" : "MITRE", + "data_version" : "4.0", + "CVE_data_meta" : { + "ASSIGNER" : "secure@microsoft.com", + "ID" : "CVE-2019-0755", + "STATE" : "PUBLIC" }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } + "product" : { + "product_data" : [ + { +"product_name" : "Windows", + "version" : { + "version_data" : [ + {"version_value" : "7 for 32-bit Systems Service Pack 1"}, +{"version_value" : "7 for x64-based Systems Service Pack 1"}, +{"version_value" : "8.1 for 32-bit systems"}, +{"version_value" : "8.1 for x64-based systems"}, +{"version_value" : "RT 8.1"}, +{"version_value" : "10 for 32-bit Systems"}, +{"version_value" : "10 for x64-based Systems"}, +{"version_value" : "10 Version 1607 for 32-bit Systems"}, +{"version_value" : "10 Version 1607 for x64-based Systems"}, +{"version_value" : "10 Version 1703 for 32-bit Systems"}, +{"version_value" : "10 Version 1703 for x64-based Systems"}, +{"version_value" : "10 Version 1709 for 32-bit Systems"}, +{"version_value" : "10 Version 1709 for x64-based Systems"}, +{"version_value" : "10 Version 1803 for 32-bit Systems"}, +{"version_value" : "10 Version 1803 for x64-based Systems"}, +{"version_value" : "10 Version 1803 for ARM64-based Systems"}, +{"version_value" : "10 Version 1809 for 32-bit Systems"}, +{"version_value" : "10 Version 1809 for x64-based Systems"}, +{"version_value" : "10 Version 1809 for ARM64-based Systems"}, +{"version_value" : "10 Version 1709 for ARM64-based Systems"} ] } -} \ No newline at end of file +}, +{ +"product_name" : "Windows Server", + "version" : { + "version_data" : [ + {"version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"}, +{"version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1"}, +{"version_value" : "2008 R2 for x64-based Systems Service Pack 1"}, +{"version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)"}, +{"version_value" : "2012"}, +{"version_value" : "2012 (Core installation)"}, +{"version_value" : "2012 R2"}, +{"version_value" : "2012 R2 (Core installation)"}, +{"version_value" : "2016"}, +{"version_value" : "2016 (Core installation)"}, +{"version_value" : "version 1709 (Core Installation)"}, +{"version_value" : "version 1803 (Core Installation)"}, +{"version_value" : "2019"}, +{"version_value" : "2019 (Core installation)"}, +{"version_value" : "2008 for Itanium-Based Systems Service Pack 2"}, +{"version_value" : "2008 for 32-bit Systems Service Pack 2"}, +{"version_value" : "2008 for x64-based Systems Service Pack 2"}, +{"version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)"} + ] + } +} + ] + }, + "vendor_name" : "Microsoft" + } + ] + } + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0767, CVE-2019-0775, CVE-2019-0782." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Information Disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0755" + } + ] + } +}