From fdd73435cf676127541f89db06383b5a659e67b7 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 17 Mar 2019 23:38:42 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2002/0xxx/CVE-2002-0234.json | 160 ++--- 2002/0xxx/CVE-2002-0349.json | 140 ++-- 2002/0xxx/CVE-2002-0692.json | 160 ++--- 2002/2xxx/CVE-2002-2002.json | 170 ++--- 2002/2xxx/CVE-2002-2089.json | 140 ++-- 2005/0xxx/CVE-2005-0073.json | 150 ++--- 2005/1xxx/CVE-2005-1004.json | 150 ++--- 2005/1xxx/CVE-2005-1152.json | 180 ++--- 2005/1xxx/CVE-2005-1639.json | 140 ++-- 2005/1xxx/CVE-2005-1653.json | 130 ++-- 2005/1xxx/CVE-2005-1753.json | 130 ++-- 2005/1xxx/CVE-2005-1799.json | 130 ++-- 2009/0xxx/CVE-2009-0103.json | 150 ++--- 2009/0xxx/CVE-2009-0398.json | 150 ++--- 2009/0xxx/CVE-2009-0655.json | 170 ++--- 2009/1xxx/CVE-2009-1026.json | 150 ++--- 2009/1xxx/CVE-2009-1069.json | 170 ++--- 2009/1xxx/CVE-2009-1151.json | 260 ++++---- 2009/1xxx/CVE-2009-1493.json | 370 +++++------ 2009/1xxx/CVE-2009-1577.json | 240 +++---- 2009/1xxx/CVE-2009-1592.json | 180 ++--- 2012/2xxx/CVE-2012-2148.json | 34 +- 2012/2xxx/CVE-2012-2567.json | 160 ++--- 2012/2xxx/CVE-2012-2606.json | 140 ++-- 2012/2xxx/CVE-2012-2668.json | 230 +++---- 2012/2xxx/CVE-2012-2929.json | 34 +- 2012/3xxx/CVE-2012-3211.json | 140 ++-- 2012/3xxx/CVE-2012-3655.json | 170 ++--- 2012/3xxx/CVE-2012-3750.json | 160 ++--- 2012/3xxx/CVE-2012-3811.json | 130 ++-- 2012/3xxx/CVE-2012-3949.json | 160 ++--- 2012/4xxx/CVE-2012-4031.json | 160 ++--- 2012/4xxx/CVE-2012-4155.json | 140 ++-- 2012/4xxx/CVE-2012-4485.json | 170 ++--- 2012/6xxx/CVE-2012-6078.json | 34 +- 2012/6xxx/CVE-2012-6105.json | 140 ++-- 2012/6xxx/CVE-2012-6270.json | 130 ++-- 2012/6xxx/CVE-2012-6377.json | 34 +- 2015/5xxx/CVE-2015-5747.json | 150 ++--- 2017/2xxx/CVE-2017-2171.json | 1130 ++++++++++++++++---------------- 2017/2xxx/CVE-2017-2580.json | 150 ++--- 2017/2xxx/CVE-2017-2733.json | 132 ++-- 2017/2xxx/CVE-2017-2759.json | 34 +- 2017/2xxx/CVE-2017-2880.json | 132 ++-- 2017/6xxx/CVE-2017-6357.json | 34 +- 2017/6xxx/CVE-2017-6663.json | 140 ++-- 2018/11xxx/CVE-2018-11161.json | 140 ++-- 2018/11xxx/CVE-2018-11238.json | 34 +- 2018/11xxx/CVE-2018-11553.json | 120 ++-- 2018/11xxx/CVE-2018-11574.json | 130 ++-- 2018/11xxx/CVE-2018-11580.json | 130 ++-- 2018/11xxx/CVE-2018-11639.json | 120 ++-- 2018/11xxx/CVE-2018-11736.json | 130 ++-- 2018/14xxx/CVE-2018-14065.json | 140 ++-- 2018/14xxx/CVE-2018-14484.json | 34 +- 2018/14xxx/CVE-2018-14800.json | 132 ++-- 2018/14xxx/CVE-2018-14850.json | 140 ++-- 2018/14xxx/CVE-2018-14930.json | 34 +- 2018/15xxx/CVE-2018-15023.json | 34 +- 2018/15xxx/CVE-2018-15064.json | 34 +- 2018/15xxx/CVE-2018-15439.json | 180 ++--- 2018/15xxx/CVE-2018-15597.json | 34 +- 2018/20xxx/CVE-2018-20370.json | 120 ++-- 2018/20xxx/CVE-2018-20614.json | 120 ++-- 2018/8xxx/CVE-2018-8197.json | 34 +- 2018/8xxx/CVE-2018-8325.json | 146 ++--- 2018/8xxx/CVE-2018-8742.json | 34 +- 2018/8xxx/CVE-2018-8745.json | 34 +- 68 files changed, 4871 insertions(+), 4871 deletions(-) diff --git a/2002/0xxx/CVE-2002-0234.json b/2002/0xxx/CVE-2002-0234.json index b2a197e775c..fea355ac822 100644 --- a/2002/0xxx/CVE-2002-0234.json +++ b/2002/0xxx/CVE-2002-0234.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-0234", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "NetScreen ScreenOS before 2.6.1 does not support a maximum number of concurrent sessions for a system, which allows an attacker on the trusted network to cause a denial of service (resource exhaustion) via a port scan to an external network, which consumes all available connections." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-0234", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20020205 NetScreen Response to ScreenOS Port Scan DoS Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://online.securityfocus.com/archive/1/254268" - }, - { - "name" : "20020201 NetScreen ScreenOS 2.6 Subject to Trust Interface DoS", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=101258281818524&w=2" - }, - { - "name" : "20020201 RE: NetScreen ScreenOS 2.6 Subject to Trust Interface DoS", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=101258887105690&w=2" - }, - { - "name" : "4015", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/4015" - }, - { - "name" : "netscreen-screenos-scan-dos(8057)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/8057.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NetScreen ScreenOS before 2.6.1 does not support a maximum number of concurrent sessions for a system, which allows an attacker on the trusted network to cause a denial of service (resource exhaustion) via a port scan to an external network, which consumes all available connections." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20020201 RE: NetScreen ScreenOS 2.6 Subject to Trust Interface DoS", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=101258887105690&w=2" + }, + { + "name": "20020201 NetScreen ScreenOS 2.6 Subject to Trust Interface DoS", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=101258281818524&w=2" + }, + { + "name": "20020205 NetScreen Response to ScreenOS Port Scan DoS Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://online.securityfocus.com/archive/1/254268" + }, + { + "name": "netscreen-screenos-scan-dos(8057)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/8057.php" + }, + { + "name": "4015", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/4015" + } + ] + } +} \ No newline at end of file diff --git a/2002/0xxx/CVE-2002-0349.json b/2002/0xxx/CVE-2002-0349.json index e822f605433..dd376d68ae6 100644 --- a/2002/0xxx/CVE-2002-0349.json +++ b/2002/0xxx/CVE-2002-0349.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-0349", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Tiny Personal Firewall (TPF) 2.0.15, under certain configurations, will pop up an alert to the system even when the screen is locked, which could allow an attacker with physical access to the machine to hide activities or bypass access restrictions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-0349", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20020228 ... Tiny Personal Firewall ...", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=101494587110288&w=2" - }, - { - "name" : "4207", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/4207" - }, - { - "name" : "tinyfw-popup-gain-access(8324)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/8324.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Tiny Personal Firewall (TPF) 2.0.15, under certain configurations, will pop up an alert to the system even when the screen is locked, which could allow an attacker with physical access to the machine to hide activities or bypass access restrictions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "tinyfw-popup-gain-access(8324)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/8324.php" + }, + { + "name": "20020228 ... Tiny Personal Firewall ...", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=101494587110288&w=2" + }, + { + "name": "4207", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/4207" + } + ] + } +} \ No newline at end of file diff --git a/2002/0xxx/CVE-2002-0692.json b/2002/0xxx/CVE-2002-0692.json index 456908e45cc..10ed1b72b54 100644 --- a/2002/0xxx/CVE-2002-0692.json +++ b/2002/0xxx/CVE-2002-0692.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-0692", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in SmartHTML Interpreter (shtml.dll) in Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to cause a denial of service (CPU consumption) or run arbitrary code, respectively, via a certain type of web file request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-0692", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS02-053", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-053" - }, - { - "name" : "VU#723537", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/723537" - }, - { - "name" : "fpse-smarthtml-interpreter-dos(10194)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/10194.php" - }, - { - "name" : "fpse-smarthtml-interpreter-bo(10195)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/10195.php" - }, - { - "name" : "5804", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/5804" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in SmartHTML Interpreter (shtml.dll) in Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to cause a denial of service (CPU consumption) or run arbitrary code, respectively, via a certain type of web file request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "5804", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/5804" + }, + { + "name": "VU#723537", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/723537" + }, + { + "name": "fpse-smarthtml-interpreter-dos(10194)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/10194.php" + }, + { + "name": "fpse-smarthtml-interpreter-bo(10195)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/10195.php" + }, + { + "name": "MS02-053", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-053" + } + ] + } +} \ No newline at end of file diff --git a/2002/2xxx/CVE-2002-2002.json b/2002/2xxx/CVE-2002-2002.json index 25843855979..33088a9b748 100644 --- a/2002/2xxx/CVE-2002-2002.json +++ b/2002/2xxx/CVE-2002-2002.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-2002", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in libc in Compaq Tru64 4.0F, 5.0, 5.1 and 5.1A allows attackers to execute arbitrary code via long (1) LANG and (2) LOCPATH environment variables." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-2002", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20020417 [SNS Advisory No.51] Compaq Tru64 UNIX libc Buffer Overflow Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://cert.uni-stuttgart.de/archive/bugtraq/2002/04/msg00219.html" - }, - { - "name" : "http://www.lac.co.jp/security/english/snsadv_e/51_e.html", - "refsource" : "MISC", - "url" : "http://www.lac.co.jp/security/english/snsadv_e/51_e.html" - }, - { - "name" : "SSRT0771U", - "refsource" : "COMPAQ", - "url" : "http://ftp.support.compaq.com/patches/.new/html/SSRT-541.shtml" - }, - { - "name" : "SSRT541", - "refsource" : "COMPAQ", - "url" : "http://ftp.support.compaq.com/patches/.new/html/SSRT-541.shtml" - }, - { - "name" : "4544", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/4544" - }, - { - "name" : "libc-lang-locpath-bo(8863)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/8863.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in libc in Compaq Tru64 4.0F, 5.0, 5.1 and 5.1A allows attackers to execute arbitrary code via long (1) LANG and (2) LOCPATH environment variables." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SSRT0771U", + "refsource": "COMPAQ", + "url": "http://ftp.support.compaq.com/patches/.new/html/SSRT-541.shtml" + }, + { + "name": "4544", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/4544" + }, + { + "name": "SSRT541", + "refsource": "COMPAQ", + "url": "http://ftp.support.compaq.com/patches/.new/html/SSRT-541.shtml" + }, + { + "name": "http://www.lac.co.jp/security/english/snsadv_e/51_e.html", + "refsource": "MISC", + "url": "http://www.lac.co.jp/security/english/snsadv_e/51_e.html" + }, + { + "name": "20020417 [SNS Advisory No.51] Compaq Tru64 UNIX libc Buffer Overflow Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/04/msg00219.html" + }, + { + "name": "libc-lang-locpath-bo(8863)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/8863.php" + } + ] + } +} \ No newline at end of file diff --git a/2002/2xxx/CVE-2002-2089.json b/2002/2xxx/CVE-2002-2089.json index 4dea7db4dde..af34846efa2 100644 --- a/2002/2xxx/CVE-2002-2089.json +++ b/2002/2xxx/CVE-2002-2089.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-2089", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in rcp in Solaris 9.0 allows local users to execute arbitrary code via a long command line argument." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-2089", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20020621 solaris 9 sparc rcp", - "refsource" : "VULN-DEV", - "url" : "http://cert.uni-stuttgart.de/archive/vuln-dev/2002/06/msg00262.html" - }, - { - "name" : "5085", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/5085" - }, - { - "name" : "solaris-rcp-bo(9411)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/9411.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in rcp in Solaris 9.0 allows local users to execute arbitrary code via a long command line argument." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "5085", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/5085" + }, + { + "name": "20020621 solaris 9 sparc rcp", + "refsource": "VULN-DEV", + "url": "http://cert.uni-stuttgart.de/archive/vuln-dev/2002/06/msg00262.html" + }, + { + "name": "solaris-rcp-bo(9411)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/9411.php" + } + ] + } +} \ No newline at end of file diff --git a/2005/0xxx/CVE-2005-0073.json b/2005/0xxx/CVE-2005-0073.json index 2a342eb8b02..b1bda7d661f 100644 --- a/2005/0xxx/CVE-2005-0073.json +++ b/2005/0xxx/CVE-2005-0073.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-0073", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in queue.c in a support script for sympa 3.3.3, when running setuid, allows local users to execute arbitrary code." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-0073", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "DSA-677", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-677" - }, - { - "name" : "1013163", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1013163" - }, - { - "name" : "14217", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/14217" - }, - { - "name" : "14224", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/14224" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in queue.c in a support script for sympa 3.3.3, when running setuid, allows local users to execute arbitrary code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "14224", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/14224" + }, + { + "name": "DSA-677", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-677" + }, + { + "name": "14217", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/14217" + }, + { + "name": "1013163", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1013163" + } + ] + } +} \ No newline at end of file diff --git a/2005/1xxx/CVE-2005-1004.json b/2005/1xxx/CVE-2005-1004.json index 0b5c1145591..24104bd9bd4 100644 --- a/2005/1xxx/CVE-2005-1004.json +++ b/2005/1xxx/CVE-2005-1004.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-1004", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in usrdetails.php in ProfitCode PayProCart 3.0 allows remote attackers to inject arbitrary web script or HTML via the sgnuptype parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-1004", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050404 Authenticaion bypass, Directory transversal and XSS", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=111264602406090&w=2" - }, - { - "name" : "1013640", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1013640" - }, - { - "name" : "14832", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/14832" - }, - { - "name" : "Payprocart-usrdetails-xss(19955)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19955" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in usrdetails.php in ProfitCode PayProCart 3.0 allows remote attackers to inject arbitrary web script or HTML via the sgnuptype parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "Payprocart-usrdetails-xss(19955)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19955" + }, + { + "name": "20050404 Authenticaion bypass, Directory transversal and XSS", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=111264602406090&w=2" + }, + { + "name": "1013640", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1013640" + }, + { + "name": "14832", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/14832" + } + ] + } +} \ No newline at end of file diff --git a/2005/1xxx/CVE-2005-1152.json b/2005/1xxx/CVE-2005-1152.json index c998216deb0..b3042577450 100644 --- a/2005/1xxx/CVE-2005-1152.json +++ b/2005/1xxx/CVE-2005-1152.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-1152", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "popauth.c in qpopper 4.0.5 and earlier does not properly set the umask, which may cause qpopper to create files with group or world-writable permissions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2005-1152", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "DSA-728", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-728" - }, - { - "name" : "GLSA-200505-17", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200505-17.xml" - }, - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=90622", - "refsource" : "MISC", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=90622" - }, - { - "name" : "http://bugs.gentoo.org/attachment.cgi?id=58329&action=view", - "refsource" : "MISC", - "url" : "http://bugs.gentoo.org/attachment.cgi?id=58329&action=view" - }, - { - "name" : "15475", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/15475" - }, - { - "name" : "15478", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/15478" - }, - { - "name" : "15505", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/15505" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "popauth.c in qpopper 4.0.5 and earlier does not properly set the umask, which may cause qpopper to create files with group or world-writable permissions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://bugs.gentoo.org/attachment.cgi?id=58329&action=view", + "refsource": "MISC", + "url": "http://bugs.gentoo.org/attachment.cgi?id=58329&action=view" + }, + { + "name": "15505", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/15505" + }, + { + "name": "15478", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/15478" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=90622", + "refsource": "MISC", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=90622" + }, + { + "name": "DSA-728", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-728" + }, + { + "name": "15475", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/15475" + }, + { + "name": "GLSA-200505-17", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200505-17.xml" + } + ] + } +} \ No newline at end of file diff --git a/2005/1xxx/CVE-2005-1639.json b/2005/1xxx/CVE-2005-1639.json index f2226858009..7018d6eb320 100644 --- a/2005/1xxx/CVE-2005-1639.json +++ b/2005/1xxx/CVE-2005-1639.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-1639", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in Sigmaweb.DLL in Sigma ISP Manager 6.6 allows remote attackers to execute arbitrary SQL commands via the (1) username, (2) password, or (3) domain fields." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-1639", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.under9round.com/sigma.txt", - "refsource" : "MISC", - "url" : "http://www.under9round.com/sigma.txt" - }, - { - "name" : "16620", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/16620" - }, - { - "name" : "15379", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/15379" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in Sigmaweb.DLL in Sigma ISP Manager 6.6 allows remote attackers to execute arbitrary SQL commands via the (1) username, (2) password, or (3) domain fields." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.under9round.com/sigma.txt", + "refsource": "MISC", + "url": "http://www.under9round.com/sigma.txt" + }, + { + "name": "16620", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/16620" + }, + { + "name": "15379", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/15379" + } + ] + } +} \ No newline at end of file diff --git a/2005/1xxx/CVE-2005-1653.json b/2005/1xxx/CVE-2005-1653.json index c8d33099ef3..8a898c5c626 100644 --- a/2005/1xxx/CVE-2005-1653.json +++ b/2005/1xxx/CVE-2005-1653.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-1653", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in message.htm for Woppoware PostMaster 4.2.2 (build 3.2.5) allows remote attackers to inject arbitrary web script or HTML via the email parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-1653", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "13597", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/13597" - }, - { - "name" : "15268", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/15268" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in message.htm for Woppoware PostMaster 4.2.2 (build 3.2.5) allows remote attackers to inject arbitrary web script or HTML via the email parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "15268", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/15268" + }, + { + "name": "13597", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/13597" + } + ] + } +} \ No newline at end of file diff --git a/2005/1xxx/CVE-2005-1753.json b/2005/1xxx/CVE-2005-1753.json index b11dbe6d994..edc1a80b91f 100644 --- a/2005/1xxx/CVE-2005-1753.json +++ b/2005/1xxx/CVE-2005-1753.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-1753", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** ReadMessage.jsp in JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to view other users' e-mail attachments via a direct request to /mailboxesdir/username@domainname. NOTE: Sun and Apache dispute this issue. Sun states: \"The report makes references to source code and files that do not exist in the mentioned products.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-1753", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050524 Javamail Multiple Information Disclosure Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=111697083812367&w=2" - }, - { - "name" : "http://tomcat.apache.org/security-5.html", - "refsource" : "MISC", - "url" : "http://tomcat.apache.org/security-5.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** ReadMessage.jsp in JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to view other users' e-mail attachments via a direct request to /mailboxesdir/username@domainname. NOTE: Sun and Apache dispute this issue. Sun states: \"The report makes references to source code and files that do not exist in the mentioned products.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20050524 Javamail Multiple Information Disclosure Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=111697083812367&w=2" + }, + { + "name": "http://tomcat.apache.org/security-5.html", + "refsource": "MISC", + "url": "http://tomcat.apache.org/security-5.html" + } + ] + } +} \ No newline at end of file diff --git a/2005/1xxx/CVE-2005-1799.json b/2005/1xxx/CVE-2005-1799.json index 7a046a69456..3da7678ba94 100644 --- a/2005/1xxx/CVE-2005-1799.json +++ b/2005/1xxx/CVE-2005-1799.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-1799", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in FreeStyle Wiki 3.5.7 and WikiLite (FSWikiLite) .10 allows remote attackers to inject arbitrary web script or HTML via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-1799", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "13824", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/13824" - }, - { - "name" : "15538", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/15538" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in FreeStyle Wiki 3.5.7 and WikiLite (FSWikiLite) .10 allows remote attackers to inject arbitrary web script or HTML via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "15538", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/15538" + }, + { + "name": "13824", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/13824" + } + ] + } +} \ No newline at end of file diff --git a/2009/0xxx/CVE-2009-0103.json b/2009/0xxx/CVE-2009-0103.json index 9d851cc84e5..da470f7a44c 100644 --- a/2009/0xxx/CVE-2009-0103.json +++ b/2009/0xxx/CVE-2009-0103.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-0103", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in playSMS 0.9.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) apps_path[plug] parameter to plugin/gateway/gnokii/init.php, the (2) apps_path[themes] parameter to plugin/themes/default/init.php, and the (3) apps_path[libs] parameter to lib/function.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-0103", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "7687", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/7687" - }, - { - "name" : "33138", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/33138" - }, - { - "name" : "33386", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33386" - }, - { - "name" : "4888", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/4888" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in playSMS 0.9.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) apps_path[plug] parameter to plugin/gateway/gnokii/init.php, the (2) apps_path[themes] parameter to plugin/themes/default/init.php, and the (3) apps_path[libs] parameter to lib/function.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "7687", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/7687" + }, + { + "name": "33138", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/33138" + }, + { + "name": "33386", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33386" + }, + { + "name": "4888", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/4888" + } + ] + } +} \ No newline at end of file diff --git a/2009/0xxx/CVE-2009-0398.json b/2009/0xxx/CVE-2009-0398.json index 4397db9db96..91e5218b06c 100644 --- a/2009/0xxx/CVE-2009-0398.json +++ b/2009/0xxx/CVE-2009-0398.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-0398", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Array index error in the gst_qtp_trak_handler function in gst/qtdemux/qtdemux.c in GStreamer Plug-ins (aka gstreamer-plugins) 0.6.0 allows remote attackers to have an unknown impact via a crafted QuickTime media file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-0398", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20090129 CVE Request -- (sort of urgent) gstreamer-plugins-good (repost) (more details about affected versions -- final version)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2009/01/29/3" - }, - { - "name" : "RHSA-2009:0269", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2009-0269.html" - }, - { - "name" : "oval:org.mitre.oval:def:9886", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9886" - }, - { - "name" : "33830", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33830" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Array index error in the gst_qtp_trak_handler function in gst/qtdemux/qtdemux.c in GStreamer Plug-ins (aka gstreamer-plugins) 0.6.0 allows remote attackers to have an unknown impact via a crafted QuickTime media file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2009:0269", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2009-0269.html" + }, + { + "name": "33830", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33830" + }, + { + "name": "oval:org.mitre.oval:def:9886", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9886" + }, + { + "name": "[oss-security] 20090129 CVE Request -- (sort of urgent) gstreamer-plugins-good (repost) (more details about affected versions -- final version)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2009/01/29/3" + } + ] + } +} \ No newline at end of file diff --git a/2009/0xxx/CVE-2009-0655.json b/2009/0xxx/CVE-2009-0655.json index 0e6bdb25c9f..e9c40d6a5b0 100644 --- a/2009/0xxx/CVE-2009-0655.json +++ b/2009/0xxx/CVE-2009-0655.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-0655", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Lenovo Veriface III allows physically proximate attackers to login to a Windows account by presenting a \"plain image\" of the authorized user." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-0655", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20081208 [SVRT-07-08] Vulnerability in Face Recognition Authentication Mechanism of Lenovo-Asus-Toshiba Laptops", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/498997" - }, - { - "name" : "http://www.blackhat.com/html/bh-dc-09/bh-dc-09-archives.html#Nguyen", - "refsource" : "MISC", - "url" : "http://www.blackhat.com/html/bh-dc-09/bh-dc-09-archives.html#Nguyen" - }, - { - "name" : "http://www.blackhat.com/presentations/bh-dc-09/Nguyen/BlackHat-DC-09-Nguyen-Face-not-your-password.pdf", - "refsource" : "MISC", - "url" : "http://www.blackhat.com/presentations/bh-dc-09/Nguyen/BlackHat-DC-09-Nguyen-Face-not-your-password.pdf" - }, - { - "name" : "http://security.bkis.vn/?p=292", - "refsource" : "MISC", - "url" : "http://security.bkis.vn/?p=292" - }, - { - "name" : "32700", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/32700" - }, - { - "name" : "lenovo-plainimage-unauth-access(48961)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/48961" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Lenovo Veriface III allows physically proximate attackers to login to a Windows account by presenting a \"plain image\" of the authorized user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.blackhat.com/presentations/bh-dc-09/Nguyen/BlackHat-DC-09-Nguyen-Face-not-your-password.pdf", + "refsource": "MISC", + "url": "http://www.blackhat.com/presentations/bh-dc-09/Nguyen/BlackHat-DC-09-Nguyen-Face-not-your-password.pdf" + }, + { + "name": "20081208 [SVRT-07-08] Vulnerability in Face Recognition Authentication Mechanism of Lenovo-Asus-Toshiba Laptops", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/498997" + }, + { + "name": "32700", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/32700" + }, + { + "name": "http://www.blackhat.com/html/bh-dc-09/bh-dc-09-archives.html#Nguyen", + "refsource": "MISC", + "url": "http://www.blackhat.com/html/bh-dc-09/bh-dc-09-archives.html#Nguyen" + }, + { + "name": "http://security.bkis.vn/?p=292", + "refsource": "MISC", + "url": "http://security.bkis.vn/?p=292" + }, + { + "name": "lenovo-plainimage-unauth-access(48961)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48961" + } + ] + } +} \ No newline at end of file diff --git a/2009/1xxx/CVE-2009-1026.json b/2009/1xxx/CVE-2009-1026.json index b6d85a2fea4..9bcff3920ad 100644 --- a/2009/1xxx/CVE-2009-1026.json +++ b/2009/1xxx/CVE-2009-1026.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-1026", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in login.php in Kim Websites 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-1026", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "8209", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/8209" - }, - { - "name" : "34116", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/34116" - }, - { - "name" : "ADV-2009-0732", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/0732" - }, - { - "name" : "kimwebsites-login-sql-injection(49259)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49259" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in login.php in Kim Websites 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2009-0732", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/0732" + }, + { + "name": "kimwebsites-login-sql-injection(49259)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49259" + }, + { + "name": "8209", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/8209" + }, + { + "name": "34116", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/34116" + } + ] + } +} \ No newline at end of file diff --git a/2009/1xxx/CVE-2009-1069.json b/2009/1xxx/CVE-2009-1069.json index 57f66b0e109..95495cae53a 100644 --- a/2009/1xxx/CVE-2009-1069.json +++ b/2009/1xxx/CVE-2009-1069.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-1069", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in the node edit form feature in Drupal Content Construction Kit (CCK) 6.x before 6.x-2.2, a module for Drupal, allow remote attackers to inject arbitrary web script or HTML via the (1) titles of candidate referenced nodes in the Node reference sub-module and the (2) names of candidate referenced users in the User reference sub-module." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-1069", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://drupal.org/node/406520", - "refsource" : "CONFIRM", - "url" : "http://drupal.org/node/406520" - }, - { - "name" : "34172", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/34172" - }, - { - "name" : "52783", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/52783" - }, - { - "name" : "52784", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/52784" - }, - { - "name" : "34370", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/34370" - }, - { - "name" : "cck-node-user-xss(49317)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49317" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in the node edit form feature in Drupal Content Construction Kit (CCK) 6.x before 6.x-2.2, a module for Drupal, allow remote attackers to inject arbitrary web script or HTML via the (1) titles of candidate referenced nodes in the Node reference sub-module and the (2) names of candidate referenced users in the User reference sub-module." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "34172", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/34172" + }, + { + "name": "52784", + "refsource": "OSVDB", + "url": "http://osvdb.org/52784" + }, + { + "name": "cck-node-user-xss(49317)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49317" + }, + { + "name": "http://drupal.org/node/406520", + "refsource": "CONFIRM", + "url": "http://drupal.org/node/406520" + }, + { + "name": "52783", + "refsource": "OSVDB", + "url": "http://osvdb.org/52783" + }, + { + "name": "34370", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/34370" + } + ] + } +} \ No newline at end of file diff --git a/2009/1xxx/CVE-2009-1151.json b/2009/1xxx/CVE-2009-1151.json index b412158bcab..85037175f59 100644 --- a/2009/1xxx/CVE-2009-1151.json +++ b/2009/1xxx/CVE-2009-1151.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-1151", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-1151", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20090609 CVE-2009-1151: phpMyAdmin Remote Code Execution Proof of Concept", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/504191/100/0/threaded" - }, - { - "name" : "8921", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/8921" - }, - { - "name" : "http://labs.neohapsis.com/2009/04/06/about-cve-2009-1151/", - "refsource" : "MISC", - "url" : "http://labs.neohapsis.com/2009/04/06/about-cve-2009-1151/" - }, - { - "name" : "http://www.gnucitizen.org/blog/cve-2009-1151-phpmyadmin-remote-code-execution-proof-of-concept/", - "refsource" : "MISC", - "url" : "http://www.gnucitizen.org/blog/cve-2009-1151-phpmyadmin-remote-code-execution-proof-of-concept/" - }, - { - "name" : "http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_2_11_9/phpMyAdmin/scripts/setup.php?r1=11514&r2=12301&pathrev=12301", - "refsource" : "CONFIRM", - "url" : "http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_2_11_9/phpMyAdmin/scripts/setup.php?r1=11514&r2=12301&pathrev=12301" - }, - { - "name" : "http://www.phpmyadmin.net/home_page/security/PMASA-2009-3.php", - "refsource" : "CONFIRM", - "url" : "http://www.phpmyadmin.net/home_page/security/PMASA-2009-3.php" - }, - { - "name" : "DSA-1824", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2009/dsa-1824" - }, - { - "name" : "GLSA-200906-03", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200906-03.xml" - }, - { - "name" : "MDVSA-2009:115", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:115" - }, - { - "name" : "SUSE-SR:2009:008", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html" - }, - { - "name" : "34236", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/34236" - }, - { - "name" : "34430", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/34430" - }, - { - "name" : "34642", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/34642" - }, - { - "name" : "35585", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35585" - }, - { - "name" : "35635", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35635" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.phpmyadmin.net/home_page/security/PMASA-2009-3.php", + "refsource": "CONFIRM", + "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2009-3.php" + }, + { + "name": "GLSA-200906-03", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200906-03.xml" + }, + { + "name": "34642", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/34642" + }, + { + "name": "http://www.gnucitizen.org/blog/cve-2009-1151-phpmyadmin-remote-code-execution-proof-of-concept/", + "refsource": "MISC", + "url": "http://www.gnucitizen.org/blog/cve-2009-1151-phpmyadmin-remote-code-execution-proof-of-concept/" + }, + { + "name": "20090609 CVE-2009-1151: phpMyAdmin Remote Code Execution Proof of Concept", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/504191/100/0/threaded" + }, + { + "name": "DSA-1824", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2009/dsa-1824" + }, + { + "name": "SUSE-SR:2009:008", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html" + }, + { + "name": "MDVSA-2009:115", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:115" + }, + { + "name": "34236", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/34236" + }, + { + "name": "34430", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/34430" + }, + { + "name": "35635", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35635" + }, + { + "name": "http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_2_11_9/phpMyAdmin/scripts/setup.php?r1=11514&r2=12301&pathrev=12301", + "refsource": "CONFIRM", + "url": "http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_2_11_9/phpMyAdmin/scripts/setup.php?r1=11514&r2=12301&pathrev=12301" + }, + { + "name": "8921", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/8921" + }, + { + "name": "35585", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35585" + }, + { + "name": "http://labs.neohapsis.com/2009/04/06/about-cve-2009-1151/", + "refsource": "MISC", + "url": "http://labs.neohapsis.com/2009/04/06/about-cve-2009-1151/" + } + ] + } +} \ No newline at end of file diff --git a/2009/1xxx/CVE-2009-1493.json b/2009/1xxx/CVE-2009-1493.json index 1a99221e7c4..740c367c55c 100644 --- a/2009/1xxx/CVE-2009-1493.json +++ b/2009/1xxx/CVE-2009-1493.json @@ -1,187 +1,187 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-1493", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 9.1, 8.1.4, 7.1.1, and earlier on Linux and UNIX allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that triggers a call to this method with a long string in the second argument." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-1493", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "8570", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/8570" - }, - { - "name" : "http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html", - "refsource" : "MISC", - "url" : "http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html" - }, - { - "name" : "http://packetstorm.linuxsecurity.com/0904-exploits/spell.txt", - "refsource" : "MISC", - "url" : "http://packetstorm.linuxsecurity.com/0904-exploits/spell.txt" - }, - { - "name" : "http://blogs.adobe.com/psirt/2009/05/adobe_reader_issue_update.html", - "refsource" : "CONFIRM", - "url" : "http://blogs.adobe.com/psirt/2009/05/adobe_reader_issue_update.html" - }, - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb09-06.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb09-06.html" - }, - { - "name" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=926953", - "refsource" : "CONFIRM", - "url" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=926953" - }, - { - "name" : "GLSA-200907-06", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200907-06.xml" - }, - { - "name" : "RHSA-2009:0478", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2009-0478.html" - }, - { - "name" : "259028", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259028-1" - }, - { - "name" : "SUSE-SA:2009:027", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00001.html" - }, - { - "name" : "SUSE-SR:2009:011", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html" - }, - { - "name" : "TA09-133B", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA09-133B.html" - }, - { - "name" : "VU#970180", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/970180" - }, - { - "name" : "34740", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/34740" - }, - { - "name" : "54129", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/54129" - }, - { - "name" : "1022139", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1022139" - }, - { - "name" : "34924", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/34924" - }, - { - "name" : "35096", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35096" - }, - { - "name" : "35055", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35055" - }, - { - "name" : "35152", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35152" - }, - { - "name" : "35358", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35358" - }, - { - "name" : "35416", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35416" - }, - { - "name" : "35734", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35734" - }, - { - "name" : "ADV-2009-1189", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/1189" - }, - { - "name" : "ADV-2009-1317", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/1317" - }, - { - "name" : "reader-spellcustom-code-execution(50146)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50146" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 9.1, 8.1.4, 7.1.1, and earlier on Linux and UNIX allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that triggers a call to this method with a long string in the second argument." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "34740", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/34740" + }, + { + "name": "http://blogs.adobe.com/psirt/2009/05/adobe_reader_issue_update.html", + "refsource": "CONFIRM", + "url": "http://blogs.adobe.com/psirt/2009/05/adobe_reader_issue_update.html" + }, + { + "name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=926953", + "refsource": "CONFIRM", + "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=926953" + }, + { + "name": "35734", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35734" + }, + { + "name": "TA09-133B", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA09-133B.html" + }, + { + "name": "8570", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/8570" + }, + { + "name": "ADV-2009-1189", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/1189" + }, + { + "name": "reader-spellcustom-code-execution(50146)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50146" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb09-06.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb09-06.html" + }, + { + "name": "SUSE-SR:2009:011", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html" + }, + { + "name": "http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html", + "refsource": "MISC", + "url": "http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html" + }, + { + "name": "http://packetstorm.linuxsecurity.com/0904-exploits/spell.txt", + "refsource": "MISC", + "url": "http://packetstorm.linuxsecurity.com/0904-exploits/spell.txt" + }, + { + "name": "54129", + "refsource": "OSVDB", + "url": "http://osvdb.org/54129" + }, + { + "name": "GLSA-200907-06", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200907-06.xml" + }, + { + "name": "259028", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259028-1" + }, + { + "name": "SUSE-SA:2009:027", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00001.html" + }, + { + "name": "34924", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/34924" + }, + { + "name": "ADV-2009-1317", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/1317" + }, + { + "name": "1022139", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1022139" + }, + { + "name": "35358", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35358" + }, + { + "name": "35055", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35055" + }, + { + "name": "VU#970180", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/970180" + }, + { + "name": "35416", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35416" + }, + { + "name": "RHSA-2009:0478", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2009-0478.html" + }, + { + "name": "35096", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35096" + }, + { + "name": "35152", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35152" + } + ] + } +} \ No newline at end of file diff --git a/2009/1xxx/CVE-2009-1577.json b/2009/1xxx/CVE-2009-1577.json index 9b7e817b08b..9db5b85cabe 100644 --- a/2009/1xxx/CVE-2009-1577.json +++ b/2009/1xxx/CVE-2009-1577.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-1577", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple stack-based buffer overflows in the putstring function in find.c in Cscope before 15.6 allow user-assisted remote attackers to execute arbitrary code via a long (1) function name or (2) symbol in a source-code file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2009-1577", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20090505 Old cscope buffer overflow", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2009/05/05/1" - }, - { - "name" : "[oss-security] 20090506 Re: Old cscope buffer overflow", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2009/05/06/10" - }, - { - "name" : "[oss-security] 20090506 Re: Old cscope buffer overflow", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2009/05/06/9" - }, - { - "name" : "http://cscope.cvs.sourceforge.net/viewvc/cscope/cscope/src/find.c?r1=1.18&r2=1.19", - "refsource" : "CONFIRM", - "url" : "http://cscope.cvs.sourceforge.net/viewvc/cscope/cscope/src/find.c?r1=1.18&r2=1.19" - }, - { - "name" : "http://cscope.cvs.sourceforge.net/viewvc/cscope/cscope/src/find.c?view=log#rev1.19", - "refsource" : "CONFIRM", - "url" : "http://cscope.cvs.sourceforge.net/viewvc/cscope/cscope/src/find.c?view=log#rev1.19" - }, - { - "name" : "http://cvs.fedoraproject.org/viewvc/rpms/cscope/devel/cscope-15.5-putstring-overflow.patch", - "refsource" : "CONFIRM", - "url" : "http://cvs.fedoraproject.org/viewvc/rpms/cscope/devel/cscope-15.5-putstring-overflow.patch" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=189666", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=189666" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=499174", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=499174" - }, - { - "name" : "GLSA-200905-02", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200905-02.xml" - }, - { - "name" : "RHSA-2009:1101", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2009-1101.html" - }, - { - "name" : "oval:org.mitre.oval:def:9837", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9837" - }, - { - "name" : "35213", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35213" - }, - { - "name" : "cscope-findc-bo(50366)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50366" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple stack-based buffer overflows in the putstring function in find.c in Cscope before 15.6 allow user-assisted remote attackers to execute arbitrary code via a long (1) function name or (2) symbol in a source-code file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20090506 Re: Old cscope buffer overflow", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2009/05/06/9" + }, + { + "name": "oval:org.mitre.oval:def:9837", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9837" + }, + { + "name": "RHSA-2009:1101", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2009-1101.html" + }, + { + "name": "http://cvs.fedoraproject.org/viewvc/rpms/cscope/devel/cscope-15.5-putstring-overflow.patch", + "refsource": "CONFIRM", + "url": "http://cvs.fedoraproject.org/viewvc/rpms/cscope/devel/cscope-15.5-putstring-overflow.patch" + }, + { + "name": "http://cscope.cvs.sourceforge.net/viewvc/cscope/cscope/src/find.c?view=log#rev1.19", + "refsource": "CONFIRM", + "url": "http://cscope.cvs.sourceforge.net/viewvc/cscope/cscope/src/find.c?view=log#rev1.19" + }, + { + "name": "http://cscope.cvs.sourceforge.net/viewvc/cscope/cscope/src/find.c?r1=1.18&r2=1.19", + "refsource": "CONFIRM", + "url": "http://cscope.cvs.sourceforge.net/viewvc/cscope/cscope/src/find.c?r1=1.18&r2=1.19" + }, + { + "name": "[oss-security] 20090505 Old cscope buffer overflow", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2009/05/05/1" + }, + { + "name": "GLSA-200905-02", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200905-02.xml" + }, + { + "name": "cscope-findc-bo(50366)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50366" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=499174", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=499174" + }, + { + "name": "35213", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35213" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=189666", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=189666" + }, + { + "name": "[oss-security] 20090506 Re: Old cscope buffer overflow", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2009/05/06/10" + } + ] + } +} \ No newline at end of file diff --git a/2009/1xxx/CVE-2009-1592.json b/2009/1xxx/CVE-2009-1592.json index bd888fa5e00..5da19b6b17a 100644 --- a/2009/1xxx/CVE-2009-1592.json +++ b/2009/1xxx/CVE-2009-1592.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-1592", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute arbitrary code via a long banner. NOTE: this might overlap CVE-2003-1368." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-1592", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "8611", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/8611" - }, - { - "name" : "8614", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/8614" - }, - { - "name" : "34822", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/34822" - }, - { - "name" : "54219", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/54219" - }, - { - "name" : "34993", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/34993" - }, - { - "name" : "ADV-2009-1263", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/1263" - }, - { - "name" : "32bit-cwd-banner-bo(50337)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50337" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute arbitrary code via a long banner. NOTE: this might overlap CVE-2003-1368." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "34822", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/34822" + }, + { + "name": "34993", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/34993" + }, + { + "name": "32bit-cwd-banner-bo(50337)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50337" + }, + { + "name": "ADV-2009-1263", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/1263" + }, + { + "name": "8611", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/8611" + }, + { + "name": "8614", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/8614" + }, + { + "name": "54219", + "refsource": "OSVDB", + "url": "http://osvdb.org/54219" + } + ] + } +} \ No newline at end of file diff --git a/2012/2xxx/CVE-2012-2148.json b/2012/2xxx/CVE-2012-2148.json index 4a7ac8f3709..95a1bb89375 100644 --- a/2012/2xxx/CVE-2012-2148.json +++ b/2012/2xxx/CVE-2012-2148.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-2148", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-2148", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2012/2xxx/CVE-2012-2567.json b/2012/2xxx/CVE-2012-2567.json index 176495990ec..f1cdf6a819f 100644 --- a/2012/2xxx/CVE-2012-2567.json +++ b/2012/2xxx/CVE-2012-2567.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-2567", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Xelex MobileTrack application 2.3.7 and earlier for Android uses hardcoded credentials, which allows remote attackers to obtain sensitive information via an unencrypted (1) FTP or (2) HTTP session." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2012-2567", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blog.mobiledefense.com/2012/05/mobile-defense-finds-two-security-vulnerabilities-in-xelex-mobiletrack/", - "refsource" : "MISC", - "url" : "http://blog.mobiledefense.com/2012/05/mobile-defense-finds-two-security-vulnerabilities-in-xelex-mobiletrack/" - }, - { - "name" : "VU#464683", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/464683" - }, - { - "name" : "53634", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/53634" - }, - { - "name" : "49268", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/49268" - }, - { - "name" : "mobiletrack-ftp-info-disclosure(75783)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75783" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Xelex MobileTrack application 2.3.7 and earlier for Android uses hardcoded credentials, which allows remote attackers to obtain sensitive information via an unencrypted (1) FTP or (2) HTTP session." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#464683", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/464683" + }, + { + "name": "49268", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/49268" + }, + { + "name": "53634", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/53634" + }, + { + "name": "http://blog.mobiledefense.com/2012/05/mobile-defense-finds-two-security-vulnerabilities-in-xelex-mobiletrack/", + "refsource": "MISC", + "url": "http://blog.mobiledefense.com/2012/05/mobile-defense-finds-two-security-vulnerabilities-in-xelex-mobiletrack/" + }, + { + "name": "mobiletrack-ftp-info-disclosure(75783)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75783" + } + ] + } +} \ No newline at end of file diff --git a/2012/2xxx/CVE-2012-2606.json b/2012/2xxx/CVE-2012-2606.json index 5c9f5db9209..75d8e63449e 100644 --- a/2012/2xxx/CVE-2012-2606.json +++ b/2012/2xxx/CVE-2012-2606.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-2606", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The agent in Bradford Network Sentry before 5.3.3 does not require authentication for messages, which allows remote attackers to trigger the display of arbitrary text on a workstation via a crafted packet to UDP port 4567, as demonstrated by a replay attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2012-2606", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.kb.cert.org/vuls/id/MAPG-8TJKAF", - "refsource" : "CONFIRM", - "url" : "http://www.kb.cert.org/vuls/id/MAPG-8TJKAF" - }, - { - "name" : "https://na3.salesforce.com/sfc/#version?id=06850000000JDx3", - "refsource" : "CONFIRM", - "url" : "https://na3.salesforce.com/sfc/#version?id=06850000000JDx3" - }, - { - "name" : "VU#709939", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/709939" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The agent in Bradford Network Sentry before 5.3.3 does not require authentication for messages, which allows remote attackers to trigger the display of arbitrary text on a workstation via a crafted packet to UDP port 4567, as demonstrated by a replay attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://na3.salesforce.com/sfc/#version?id=06850000000JDx3", + "refsource": "CONFIRM", + "url": "https://na3.salesforce.com/sfc/#version?id=06850000000JDx3" + }, + { + "name": "http://www.kb.cert.org/vuls/id/MAPG-8TJKAF", + "refsource": "CONFIRM", + "url": "http://www.kb.cert.org/vuls/id/MAPG-8TJKAF" + }, + { + "name": "VU#709939", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/709939" + } + ] + } +} \ No newline at end of file diff --git a/2012/2xxx/CVE-2012-2668.json b/2012/2xxx/CVE-2012-2668.json index bce794c3e1b..91c12379035 100644 --- a/2012/2xxx/CVE-2012-2668.json +++ b/2012/2xxx/CVE-2012-2668.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-2668", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and earlier, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote attackers to obtain sensitive information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2012-2668", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20120605 CVE request: openldap does not honor TLSCipherSuite configuration option", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2012/06/05/4" - }, - { - "name" : "[oss-security] 20120605 Re: CVE request: openldap does not honor TLSCipherSuite configuration option", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2012/06/06/1" - }, - { - "name" : "[oss-security] 20120606 Re: CVE request: openldap does not honor TLSCipherSuite configuration option", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2012/06/06/2" - }, - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676309", - "refsource" : "MISC", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676309" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=825875", - "refsource" : "MISC", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=825875" - }, - { - "name" : "http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=2c2bb2e", - "refsource" : "CONFIRM", - "url" : "http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=2c2bb2e" - }, - { - "name" : "http://www.openldap.org/its/index.cgi?findid=7285", - "refsource" : "CONFIRM", - "url" : "http://www.openldap.org/its/index.cgi?findid=7285" - }, - { - "name" : "GLSA-201406-36", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201406-36.xml" - }, - { - "name" : "RHSA-2012:1151", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1151.html" - }, - { - "name" : "53823", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/53823" - }, - { - "name" : "1027127", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1027127" - }, - { - "name" : "openldap-nss-weak-security(76099)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/76099" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and earlier, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote attackers to obtain sensitive information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20120606 Re: CVE request: openldap does not honor TLSCipherSuite configuration option", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2012/06/06/2" + }, + { + "name": "GLSA-201406-36", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201406-36.xml" + }, + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676309", + "refsource": "MISC", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676309" + }, + { + "name": "RHSA-2012:1151", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1151.html" + }, + { + "name": "http://www.openldap.org/its/index.cgi?findid=7285", + "refsource": "CONFIRM", + "url": "http://www.openldap.org/its/index.cgi?findid=7285" + }, + { + "name": "[oss-security] 20120605 CVE request: openldap does not honor TLSCipherSuite configuration option", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2012/06/05/4" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=825875", + "refsource": "MISC", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=825875" + }, + { + "name": "[oss-security] 20120605 Re: CVE request: openldap does not honor TLSCipherSuite configuration option", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2012/06/06/1" + }, + { + "name": "openldap-nss-weak-security(76099)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76099" + }, + { + "name": "1027127", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1027127" + }, + { + "name": "http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=2c2bb2e", + "refsource": "CONFIRM", + "url": "http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=2c2bb2e" + }, + { + "name": "53823", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/53823" + } + ] + } +} \ No newline at end of file diff --git a/2012/2xxx/CVE-2012-2929.json b/2012/2xxx/CVE-2012-2929.json index fc823298bf3..df966a7f970 100644 --- a/2012/2xxx/CVE-2012-2929.json +++ b/2012/2xxx/CVE-2012-2929.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-2929", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-2929", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2012/3xxx/CVE-2012-3211.json b/2012/3xxx/CVE-2012-3211.json index 6a816ca1b0d..bc2e84fb533 100644 --- a/2012/3xxx/CVE-2012-3211.json +++ b/2012/3xxx/CVE-2012-3211.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-3211", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/System Call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2012-3211", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html" - }, - { - "name" : "MDVSA-2013:150", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" - }, - { - "name" : "56049", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/56049" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/System Call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html" + }, + { + "name": "56049", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/56049" + }, + { + "name": "MDVSA-2013:150", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" + } + ] + } +} \ No newline at end of file diff --git a/2012/3xxx/CVE-2012-3655.json b/2012/3xxx/CVE-2012-3655.json index 539520bc245..705453f0e8f 100644 --- a/2012/3xxx/CVE-2012-3655.json +++ b/2012/3xxx/CVE-2012-3655.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-3655", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2012-3655", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT5400", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT5400" - }, - { - "name" : "http://support.apple.com/kb/HT5485", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT5485" - }, - { - "name" : "http://support.apple.com/kb/HT5503", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT5503" - }, - { - "name" : "APPLE-SA-2012-07-25-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html" - }, - { - "name" : "APPLE-SA-2012-09-12-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html" - }, - { - "name" : "APPLE-SA-2012-09-19-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.apple.com/kb/HT5485", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT5485" + }, + { + "name": "APPLE-SA-2012-09-19-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" + }, + { + "name": "http://support.apple.com/kb/HT5503", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT5503" + }, + { + "name": "APPLE-SA-2012-09-12-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html" + }, + { + "name": "APPLE-SA-2012-07-25-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html" + }, + { + "name": "http://support.apple.com/kb/HT5400", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT5400" + } + ] + } +} \ No newline at end of file diff --git a/2012/3xxx/CVE-2012-3750.json b/2012/3xxx/CVE-2012-3750.json index b071625400a..32d6c3200e4 100644 --- a/2012/3xxx/CVE-2012-3750.json +++ b/2012/3xxx/CVE-2012-3750.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-3750", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Passcode Lock implementation in Apple iOS before 6.0.1 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement and access Passbook passes via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2012-3750", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20121101 APPLE-SA-2012-11-01-1 iOS 6.0.1", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2012-11/0012.html" - }, - { - "name" : "http://support.apple.com/kb/HT5567", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT5567" - }, - { - "name" : "APPLE-SA-2012-11-01-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2012/Nov/msg00000.html" - }, - { - "name" : "56363", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/56363" - }, - { - "name" : "appleios-passcode-sec-bypass(79747)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/79747" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Passcode Lock implementation in Apple iOS before 6.0.1 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement and access Passbook passes via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "56363", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/56363" + }, + { + "name": "http://support.apple.com/kb/HT5567", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT5567" + }, + { + "name": "appleios-passcode-sec-bypass(79747)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79747" + }, + { + "name": "APPLE-SA-2012-11-01-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2012/Nov/msg00000.html" + }, + { + "name": "20121101 APPLE-SA-2012-11-01-1 iOS 6.0.1", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0012.html" + } + ] + } +} \ No newline at end of file diff --git a/2012/3xxx/CVE-2012-3811.json b/2012/3xxx/CVE-2012-3811.json index 739f4137a7e..3348ed3139d 100644 --- a/2012/3xxx/CVE-2012-3811.json +++ b/2012/3xxx/CVE-2012-3811.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-3811", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unrestricted file upload vulnerability in ImageUpload.ashx in the Wallboard application in Avaya IP Office Customer Call Reporter 7.0 before 7.0.5.8 Q1 2012 Maintenance Release and 8.0 before 8.0.9.13 Q1 2012 Maintenance Release allows remote attackers to execute arbitrary code by uploading an executable file and then accessing it via a direct request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-3811", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://zerodayinitiative.com/advisories/ZDI-12-106/", - "refsource" : "MISC", - "url" : "http://zerodayinitiative.com/advisories/ZDI-12-106/" - }, - { - "name" : "https://downloads.avaya.com/css/P8/documents/100164021", - "refsource" : "CONFIRM", - "url" : "https://downloads.avaya.com/css/P8/documents/100164021" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unrestricted file upload vulnerability in ImageUpload.ashx in the Wallboard application in Avaya IP Office Customer Call Reporter 7.0 before 7.0.5.8 Q1 2012 Maintenance Release and 8.0 before 8.0.9.13 Q1 2012 Maintenance Release allows remote attackers to execute arbitrary code by uploading an executable file and then accessing it via a direct request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://zerodayinitiative.com/advisories/ZDI-12-106/", + "refsource": "MISC", + "url": "http://zerodayinitiative.com/advisories/ZDI-12-106/" + }, + { + "name": "https://downloads.avaya.com/css/P8/documents/100164021", + "refsource": "CONFIRM", + "url": "https://downloads.avaya.com/css/P8/documents/100164021" + } + ] + } +} \ No newline at end of file diff --git a/2012/3xxx/CVE-2012-3949.json b/2012/3xxx/CVE-2012-3949.json index 8f6abfceb53..f308039c9eb 100644 --- a/2012/3xxx/CVE-2012-3949.json +++ b/2012/3xxx/CVE-2012-3949.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-3949", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The SIP implementation in Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su5, 8.x before 8.5(1)su4, and 8.6 before 8.6(2a)su1; Cisco IOS 12.2 through 12.4 and 15.0 through 15.2; and Cisco IOS XE 3.3.xSG before 3.3.1SG, 3.4.xS, and 3.5.xS allows remote attackers to cause a denial of service (service crash or device reload) via a crafted SIP message containing an SDP session description, aka Bug IDs CSCtw66721, CSCtj33003, and CSCtw84664." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2012-3949", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20120926 Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-sip" - }, - { - "name" : "20120926 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-cucm" - }, - { - "name" : "55697", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/55697" - }, - { - "name" : "85816", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/85816" - }, - { - "name" : "50774", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/50774" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SIP implementation in Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su5, 8.x before 8.5(1)su4, and 8.6 before 8.6(2a)su1; Cisco IOS 12.2 through 12.4 and 15.0 through 15.2; and Cisco IOS XE 3.3.xSG before 3.3.1SG, 3.4.xS, and 3.5.xS allows remote attackers to cause a denial of service (service crash or device reload) via a crafted SIP message containing an SDP session description, aka Bug IDs CSCtw66721, CSCtj33003, and CSCtw84664." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20120926 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-cucm" + }, + { + "name": "50774", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/50774" + }, + { + "name": "85816", + "refsource": "OSVDB", + "url": "http://osvdb.org/85816" + }, + { + "name": "20120926 Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-sip" + }, + { + "name": "55697", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/55697" + } + ] + } +} \ No newline at end of file diff --git a/2012/4xxx/CVE-2012-4031.json b/2012/4xxx/CVE-2012-4031.json index 17848dd9b6f..877a9db49ca 100644 --- a/2012/4xxx/CVE-2012-4031.json +++ b/2012/4xxx/CVE-2012-4031.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-4031", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple directory traversal vulnerabilities in src/acloglogin.php in Wangkongbao CNS-1000 and 1100 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) langid cookie to port 85." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-4031", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19526", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/19526" - }, - { - "name" : "54267", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/54267" - }, - { - "name" : "83636", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/83636" - }, - { - "name" : "49776", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/49776" - }, - { - "name" : "wangkongbao-acloglogin-directory-traversal(76682)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/76682" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple directory traversal vulnerabilities in src/acloglogin.php in Wangkongbao CNS-1000 and 1100 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) langid cookie to port 85." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "wangkongbao-acloglogin-directory-traversal(76682)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76682" + }, + { + "name": "83636", + "refsource": "OSVDB", + "url": "http://osvdb.org/83636" + }, + { + "name": "19526", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/19526" + }, + { + "name": "54267", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/54267" + }, + { + "name": "49776", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/49776" + } + ] + } +} \ No newline at end of file diff --git a/2012/4xxx/CVE-2012-4155.json b/2012/4xxx/CVE-2012-4155.json index 4dff0de5bcb..72072d8bc69 100644 --- a/2012/4xxx/CVE-2012-4155.json +++ b/2012/4xxx/CVE-2012-4155.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-4155", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2012-4155", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb12-16.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb12-16.html" - }, - { - "name" : "GLSA-201308-03", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201308-03.xml" - }, - { - "name" : "oval:org.mitre.oval:def:15590", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15590" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.adobe.com/support/security/bulletins/apsb12-16.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html" + }, + { + "name": "oval:org.mitre.oval:def:15590", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15590" + }, + { + "name": "GLSA-201308-03", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201308-03.xml" + } + ] + } +} \ No newline at end of file diff --git a/2012/4xxx/CVE-2012-4485.json b/2012/4xxx/CVE-2012-4485.json index 6649433235e..26be0fbd36e 100644 --- a/2012/4xxx/CVE-2012-4485.json +++ b/2012/4xxx/CVE-2012-4485.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-4485", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in the galleryformatter_field_formatter_view functiuon in galleryformatter.tpl.php the Gallery formatter module before 7.x-1.2 for Drupal allow remote authenticated users with permissions to create a node or entity to inject arbitrary web script or HTML via the (1) title or (2) alt parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2012-4485", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20121004 CVE Request for Drupal Contributed Modules", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2012/10/04/6" - }, - { - "name" : "[oss-security] 20121007 Re: CVE Request for Drupal Contributed Modules", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2012/10/07/1" - }, - { - "name" : "http://drupal.org/node/1700578", - "refsource" : "MISC", - "url" : "http://drupal.org/node/1700578" - }, - { - "name" : "http://drupal.org/node/1699744", - "refsource" : "CONFIRM", - "url" : "http://drupal.org/node/1699744" - }, - { - "name" : "http://drupalcode.org/project/galleryformatter.git/commitdiff/b0392a1", - "refsource" : "CONFIRM", - "url" : "http://drupalcode.org/project/galleryformatter.git/commitdiff/b0392a1" - }, - { - "name" : "54674", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/54674" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in the galleryformatter_field_formatter_view functiuon in galleryformatter.tpl.php the Gallery formatter module before 7.x-1.2 for Drupal allow remote authenticated users with permissions to create a node or entity to inject arbitrary web script or HTML via the (1) title or (2) alt parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20121004 CVE Request for Drupal Contributed Modules", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2012/10/04/6" + }, + { + "name": "http://drupalcode.org/project/galleryformatter.git/commitdiff/b0392a1", + "refsource": "CONFIRM", + "url": "http://drupalcode.org/project/galleryformatter.git/commitdiff/b0392a1" + }, + { + "name": "http://drupal.org/node/1699744", + "refsource": "CONFIRM", + "url": "http://drupal.org/node/1699744" + }, + { + "name": "http://drupal.org/node/1700578", + "refsource": "MISC", + "url": "http://drupal.org/node/1700578" + }, + { + "name": "54674", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/54674" + }, + { + "name": "[oss-security] 20121007 Re: CVE Request for Drupal Contributed Modules", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2012/10/07/1" + } + ] + } +} \ No newline at end of file diff --git a/2012/6xxx/CVE-2012-6078.json b/2012/6xxx/CVE-2012-6078.json index 4815c84661b..a521e96b397 100644 --- a/2012/6xxx/CVE-2012-6078.json +++ b/2012/6xxx/CVE-2012-6078.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-6078", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-6078", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2012/6xxx/CVE-2012-6105.json b/2012/6xxx/CVE-2012-6105.json index ad23dd06d48..8d46221f144 100644 --- a/2012/6xxx/CVE-2012-6105.json +++ b/2012/6xxx/CVE-2012-6105.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-6105", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "blog/rsslib.php in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 continues to provide a blog RSS feed after blogging is disabled, which allows remote attackers to obtain sensitive information by reading this feed." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2012-6105", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20130121 Moodle security notifications public", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2013/01/21/1" - }, - { - "name" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37467", - "refsource" : "CONFIRM", - "url" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37467" - }, - { - "name" : "https://moodle.org/mod/forum/discuss.php?d=220166", - "refsource" : "CONFIRM", - "url" : "https://moodle.org/mod/forum/discuss.php?d=220166" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "blog/rsslib.php in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 continues to provide a blog RSS feed after blogging is disabled, which allows remote attackers to obtain sensitive information by reading this feed." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://moodle.org/mod/forum/discuss.php?d=220166", + "refsource": "CONFIRM", + "url": "https://moodle.org/mod/forum/discuss.php?d=220166" + }, + { + "name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37467", + "refsource": "CONFIRM", + "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37467" + }, + { + "name": "[oss-security] 20130121 Moodle security notifications public", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2013/01/21/1" + } + ] + } +} \ No newline at end of file diff --git a/2012/6xxx/CVE-2012-6270.json b/2012/6xxx/CVE-2012-6270.json index 3e895613a60..7eac332836a 100644 --- a/2012/6xxx/CVE-2012-6270.json +++ b/2012/6xxx/CVE-2012-6270.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-6270", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Shockwave Player through 11.6.8.638 allows remote attackers to trigger installation of a Shockwave Player 10.4.0.025 compatibility feature via a crafted HTML document that references Shockwave content with a certain compatibility parameter, related to a \"downgrading\" attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2012-6270", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#546769", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/546769" - }, - { - "name" : "VU#323161", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/323161" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Shockwave Player through 11.6.8.638 allows remote attackers to trigger installation of a Shockwave Player 10.4.0.025 compatibility feature via a crafted HTML document that references Shockwave content with a certain compatibility parameter, related to a \"downgrading\" attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#546769", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/546769" + }, + { + "name": "VU#323161", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/323161" + } + ] + } +} \ No newline at end of file diff --git a/2012/6xxx/CVE-2012-6377.json b/2012/6xxx/CVE-2012-6377.json index 5f864b4307b..d2972ce800f 100644 --- a/2012/6xxx/CVE-2012-6377.json +++ b/2012/6xxx/CVE-2012-6377.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-6377", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-6377", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/5xxx/CVE-2015-5747.json b/2015/5xxx/CVE-2015-5747.json index 7733082d3f7..5e8f4f84674 100644 --- a/2015/5xxx/CVE-2015-5747.json +++ b/2015/5xxx/CVE-2015-5747.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-5747", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The fasttrap driver in the kernel in Apple OS X before 10.10.5 allows local users to cause a denial of service (resource consumption) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-5747", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/kb/HT205031", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT205031" - }, - { - "name" : "APPLE-SA-2015-08-13-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" - }, - { - "name" : "76340", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76340" - }, - { - "name" : "1033276", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033276" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The fasttrap driver in the kernel in Apple OS X before 10.10.5 allows local users to cause a denial of service (resource consumption) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "76340", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76340" + }, + { + "name": "APPLE-SA-2015-08-13-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" + }, + { + "name": "https://support.apple.com/kb/HT205031", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT205031" + }, + { + "name": "1033276", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033276" + } + ] + } +} \ No newline at end of file diff --git a/2017/2xxx/CVE-2017-2171.json b/2017/2xxx/CVE-2017-2171.json index aab9f37d8a1..42b32e8ca47 100644 --- a/2017/2xxx/CVE-2017-2171.json +++ b/2017/2xxx/CVE-2017-2171.json @@ -1,567 +1,567 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vultures@jpcert.or.jp", - "ID" : "CVE-2017-2171", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Captcha", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 4.3.0" - } - ] - } - }, - { - "product_name" : "Car Rental", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.0.5" - } - ] - } - }, - { - "product_name" : "Contact Form Multi", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.2.1" - } - ] - } - }, - { - "product_name" : "Contact Form", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 4.0.6" - } - ] - } - }, - { - "product_name" : "Contact Form to DB", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.5.7" - } - ] - } - }, - { - "product_name" : "Custom Admin Page", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 0.1.2" - } - ] - } - }, - { - "product_name" : "Custom Fields Search", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.3.2" - } - ] - } - }, - { - "product_name" : "Custom Search", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.36" - } - ] - } - }, - { - "product_name" : "Donate", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 2.1.1" - } - ] - } - }, - { - "product_name" : "Email Queue", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.1.2" - } - ] - } - }, - { - "product_name" : "Error Log Viewer", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.0.6" - } - ] - } - }, - { - "product_name" : "Facebook Button", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 2.54" - } - ] - } - }, - { - "product_name" : "Featured Posts", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.0.1" - } - ] - } - }, - { - "product_name" : "Gallery Categories", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.0.9" - } - ] - } - }, - { - "product_name" : "Gallery", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 4.5.0" - } - ] - } - }, - { - "product_name" : "Google +1", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.3.4" - } - ] - } - }, - { - "product_name" : "Google AdSense", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.44" - } - ] - } - }, - { - "product_name" : "Google Analytics", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.7.1" - } - ] - } - }, - { - "product_name" : "Google Captcha (reCAPTCHA)", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.28" - } - ] - } - }, - { - "product_name" : "Google Maps", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.3.6" - } - ] - } - }, - { - "product_name" : "Google Shortlink", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.5.3" - } - ] - } - }, - { - "product_name" : "Google Sitemap", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 3.0.8" - } - ] - } - }, - { - "product_name" : "Htaccess", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.7.6" - } - ] - } - }, - { - "product_name" : "Job Board", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.1.3" - } - ] - } - }, - { - "product_name" : "Latest Posts", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 0.3" - } - ] - } - }, - { - "product_name" : "Limit Attempts", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.1.8" - } - ] - } - }, - { - "product_name" : "LinkedIn", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.0.5" - } - ] - } - }, - { - "product_name" : "Multilanguage", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.2.2" - } - ] - } - }, - { - "product_name" : "PDF & Print", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.9.4" - } - ] - } - }, - { - "product_name" : "Pagination", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.0.7" - } - ] - } - }, - { - "product_name" : "Pinterest", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.0.5" - } - ] - } - }, - { - "product_name" : "Popular Posts", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.0.5" - } - ] - } - }, - { - "product_name" : "Portfolio", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 2.4" - } - ] - } - }, - { - "product_name" : "Post to CSV", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.3.1" - } - ] - } - }, - { - "product_name" : "Profile Extra", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.0.7" - } - ] - } - }, - { - "product_name" : "PromoBar", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.1.1" - } - ] - } - }, - { - "product_name" : "Quotes and Tips", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.32" - } - ] - } - }, - { - "product_name" : "Re-attacher", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.0.9" - } - ] - } - }, - { - "product_name" : "Realty", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.1.0" - } - ] - } - }, - { - "product_name" : "Relevant - Related Posts", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.2.0" - } - ] - } - }, - { - "product_name" : "Sender", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.2.1" - } - ] - } - }, - { - "product_name" : "SMTP", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.1.0" - } - ] - } - }, - { - "product_name" : "Social Buttons Pack", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.1.1" - } - ] - } - }, - { - "product_name" : "Subscriber", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.3.5" - } - ] - } - }, - { - "product_name" : "Testimonials", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 0.1.9" - } - ] - } - }, - { - "product_name" : "Timesheet", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 0.1.5" - } - ] - } - }, - { - "product_name" : "Twitter Button", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 2.55" - } - ] - } - }, - { - "product_name" : "User Role", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.5.6" - } - ] - } - }, - { - "product_name" : "Updater", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.35" - } - ] - } - }, - { - "product_name" : "Visitors Online", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.0.0" - } - ] - } - }, - { - "product_name" : "Zendesk Help Center", - "version" : { - "version_data" : [ - { - "version_value" : "prior to version 1.0.5" - } - ] - } - } - ] - }, - "vendor_name" : "BestWebSoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting vulnerability in Captcha prior to version 4.3.0, Car Rental prior to version 1.0.5, Contact Form Multi prior to version 1.2.1, Contact Form prior to version 4.0.6, Contact Form to DB prior to version 1.5.7, Custom Admin Page prior to version 0.1.2, Custom Fields Search prior to version 1.3.2, Custom Search prior to version 1.36, Donate prior to version 2.1.1, Email Queue prior to version 1.1.2, Error Log Viewer prior to version 1.0.6, Facebook Button prior to version 2.54, Featured Posts prior to version 1.0.1, Gallery Categories prior to version 1.0.9, Gallery prior to version 4.5.0, Google +1 prior to version 1.3.4, Google AdSense prior to version 1.44, Google Analytics prior to version 1.7.1, Google Captcha (reCAPTCHA) prior to version 1.28, Google Maps prior to version 1.3.6, Google Shortlink prior to version 1.5.3, Google Sitemap prior to version 3.0.8, Htaccess prior to version 1.7.6, Job Board prior to version 1.1.3, Latest Posts prior to version 0.3, Limit Attempts prior to version 1.1.8, LinkedIn prior to version 1.0.5, Multilanguage prior to version 1.2.2, PDF & Print prior to version 1.9.4, Pagination prior to version 1.0.7, Pinterest prior to version 1.0.5, Popular Posts prior to version 1.0.5, Portfolio prior to version 2.4, Post to CSV prior to version 1.3.1, Profile Extra prior to version 1.0.7. PromoBar prior to version 1.1.1, Quotes and Tips prior to version 1.32, Re-attacher prior to version 1.0.9, Realty prior to version 1.1.0, Relevant - Related Posts prior to version 1.2.0, Sender prior to version 1.2.1, SMTP prior to version 1.1.0, Social Buttons Pack prior to version 1.1.1, Subscriber prior to version 1.3.5, Testimonials prior to version 0.1.9, Timesheet prior to version 0.1.5, Twitter Button prior to version 2.55, User Role prior to version 1.5.6, Updater prior to version 1.35, Visitors Online prior to version 1.0.0, and Zendesk Help Center prior to version 1.0.5 allows remote attackers to inject arbitrary web script or HTML via the function to display the BestWebSoft menu." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2017-2171", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Captcha", + "version": { + "version_data": [ + { + "version_value": "prior to version 4.3.0" + } + ] + } + }, + { + "product_name": "Car Rental", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.0.5" + } + ] + } + }, + { + "product_name": "Contact Form Multi", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.2.1" + } + ] + } + }, + { + "product_name": "Contact Form", + "version": { + "version_data": [ + { + "version_value": "prior to version 4.0.6" + } + ] + } + }, + { + "product_name": "Contact Form to DB", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.5.7" + } + ] + } + }, + { + "product_name": "Custom Admin Page", + "version": { + "version_data": [ + { + "version_value": "prior to version 0.1.2" + } + ] + } + }, + { + "product_name": "Custom Fields Search", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.3.2" + } + ] + } + }, + { + "product_name": "Custom Search", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.36" + } + ] + } + }, + { + "product_name": "Donate", + "version": { + "version_data": [ + { + "version_value": "prior to version 2.1.1" + } + ] + } + }, + { + "product_name": "Email Queue", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.1.2" + } + ] + } + }, + { + "product_name": "Error Log Viewer", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.0.6" + } + ] + } + }, + { + "product_name": "Facebook Button", + "version": { + "version_data": [ + { + "version_value": "prior to version 2.54" + } + ] + } + }, + { + "product_name": "Featured Posts", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.0.1" + } + ] + } + }, + { + "product_name": "Gallery Categories", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.0.9" + } + ] + } + }, + { + "product_name": "Gallery", + "version": { + "version_data": [ + { + "version_value": "prior to version 4.5.0" + } + ] + } + }, + { + "product_name": "Google +1", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.3.4" + } + ] + } + }, + { + "product_name": "Google AdSense", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.44" + } + ] + } + }, + { + "product_name": "Google Analytics", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.7.1" + } + ] + } + }, + { + "product_name": "Google Captcha (reCAPTCHA)", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.28" + } + ] + } + }, + { + "product_name": "Google Maps", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.3.6" + } + ] + } + }, + { + "product_name": "Google Shortlink", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.5.3" + } + ] + } + }, + { + "product_name": "Google Sitemap", + "version": { + "version_data": [ + { + "version_value": "prior to version 3.0.8" + } + ] + } + }, + { + "product_name": "Htaccess", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.7.6" + } + ] + } + }, + { + "product_name": "Job Board", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.1.3" + } + ] + } + }, + { + "product_name": "Latest Posts", + "version": { + "version_data": [ + { + "version_value": "prior to version 0.3" + } + ] + } + }, + { + "product_name": "Limit Attempts", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.1.8" + } + ] + } + }, + { + "product_name": "LinkedIn", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.0.5" + } + ] + } + }, + { + "product_name": "Multilanguage", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.2.2" + } + ] + } + }, + { + "product_name": "PDF & Print", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.9.4" + } + ] + } + }, + { + "product_name": "Pagination", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.0.7" + } + ] + } + }, + { + "product_name": "Pinterest", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.0.5" + } + ] + } + }, + { + "product_name": "Popular Posts", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.0.5" + } + ] + } + }, + { + "product_name": "Portfolio", + "version": { + "version_data": [ + { + "version_value": "prior to version 2.4" + } + ] + } + }, + { + "product_name": "Post to CSV", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.3.1" + } + ] + } + }, + { + "product_name": "Profile Extra", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.0.7" + } + ] + } + }, + { + "product_name": "PromoBar", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.1.1" + } + ] + } + }, + { + "product_name": "Quotes and Tips", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.32" + } + ] + } + }, + { + "product_name": "Re-attacher", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.0.9" + } + ] + } + }, + { + "product_name": "Realty", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.1.0" + } + ] + } + }, + { + "product_name": "Relevant - Related Posts", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.2.0" + } + ] + } + }, + { + "product_name": "Sender", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.2.1" + } + ] + } + }, + { + "product_name": "SMTP", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.1.0" + } + ] + } + }, + { + "product_name": "Social Buttons Pack", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.1.1" + } + ] + } + }, + { + "product_name": "Subscriber", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.3.5" + } + ] + } + }, + { + "product_name": "Testimonials", + "version": { + "version_data": [ + { + "version_value": "prior to version 0.1.9" + } + ] + } + }, + { + "product_name": "Timesheet", + "version": { + "version_data": [ + { + "version_value": "prior to version 0.1.5" + } + ] + } + }, + { + "product_name": "Twitter Button", + "version": { + "version_data": [ + { + "version_value": "prior to version 2.55" + } + ] + } + }, + { + "product_name": "User Role", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.5.6" + } + ] + } + }, + { + "product_name": "Updater", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.35" + } + ] + } + }, + { + "product_name": "Visitors Online", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.0.0" + } + ] + } + }, + { + "product_name": "Zendesk Help Center", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.0.5" + } + ] + } + } + ] + }, + "vendor_name": "BestWebSoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "JVN#24834813", - "refsource" : "JVN", - "url" : "https://jvn.jp/en/jp/JVN24834813/index.html" - }, - { - "name" : "JVNDB-2017-000094", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2017-000094" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting vulnerability in Captcha prior to version 4.3.0, Car Rental prior to version 1.0.5, Contact Form Multi prior to version 1.2.1, Contact Form prior to version 4.0.6, Contact Form to DB prior to version 1.5.7, Custom Admin Page prior to version 0.1.2, Custom Fields Search prior to version 1.3.2, Custom Search prior to version 1.36, Donate prior to version 2.1.1, Email Queue prior to version 1.1.2, Error Log Viewer prior to version 1.0.6, Facebook Button prior to version 2.54, Featured Posts prior to version 1.0.1, Gallery Categories prior to version 1.0.9, Gallery prior to version 4.5.0, Google +1 prior to version 1.3.4, Google AdSense prior to version 1.44, Google Analytics prior to version 1.7.1, Google Captcha (reCAPTCHA) prior to version 1.28, Google Maps prior to version 1.3.6, Google Shortlink prior to version 1.5.3, Google Sitemap prior to version 3.0.8, Htaccess prior to version 1.7.6, Job Board prior to version 1.1.3, Latest Posts prior to version 0.3, Limit Attempts prior to version 1.1.8, LinkedIn prior to version 1.0.5, Multilanguage prior to version 1.2.2, PDF & Print prior to version 1.9.4, Pagination prior to version 1.0.7, Pinterest prior to version 1.0.5, Popular Posts prior to version 1.0.5, Portfolio prior to version 2.4, Post to CSV prior to version 1.3.1, Profile Extra prior to version 1.0.7. PromoBar prior to version 1.1.1, Quotes and Tips prior to version 1.32, Re-attacher prior to version 1.0.9, Realty prior to version 1.1.0, Relevant - Related Posts prior to version 1.2.0, Sender prior to version 1.2.1, SMTP prior to version 1.1.0, Social Buttons Pack prior to version 1.1.1, Subscriber prior to version 1.3.5, Testimonials prior to version 0.1.9, Timesheet prior to version 0.1.5, Twitter Button prior to version 2.55, User Role prior to version 1.5.6, Updater prior to version 1.35, Visitors Online prior to version 1.0.0, and Zendesk Help Center prior to version 1.0.5 allows remote attackers to inject arbitrary web script or HTML via the function to display the BestWebSoft menu." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-site scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2017-000094", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2017-000094" + }, + { + "name": "JVN#24834813", + "refsource": "JVN", + "url": "https://jvn.jp/en/jp/JVN24834813/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2017/2xxx/CVE-2017-2580.json b/2017/2xxx/CVE-2017-2580.json index 5d4fd4b6057..c6db0e5d03e 100644 --- a/2017/2xxx/CVE-2017-2580.json +++ b/2017/2xxx/CVE-2017-2580.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "anemec@redhat.com", - "ID" : "CVE-2017-2580", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "netpbm", - "version" : { - "version_data" : [ - { - "version_value" : "10.61" - } - ] - } - } - ] - }, - "vendor_name" : "Netpbm" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution." - } - ] - }, - "impact" : { - "cvss" : [ - [ - { - "vectorString" : "4.5/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", - "version" : "3.0" - } - ] - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-787" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2017-2580", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "netpbm", + "version": { + "version_data": [ + { + "version_value": "10.61" + } + ] + } + } + ] + }, + "vendor_name": "Netpbm" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2580", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2580" - }, - { - "name" : "96712", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96712" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution." + } + ] + }, + "impact": { + "cvss": [ + [ + { + "vectorString": "4.5/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", + "version": "3.0" + } + ] + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "96712", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96712" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2580", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2580" + } + ] + } +} \ No newline at end of file diff --git a/2017/2xxx/CVE-2017-2733.json b/2017/2xxx/CVE-2017-2733.json index f7f2ad17f73..80388dd5088 100644 --- a/2017/2xxx/CVE-2017-2733.json +++ b/2017/2xxx/CVE-2017-2733.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@huawei.com", - "DATE_PUBLIC" : "2017-11-15T00:00:00", - "ID" : "CVE-2017-2733", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Honor 6X", - "version" : { - "version_data" : [ - { - "version_value" : "Versions earlier than BLN-AL10C00B357, Versions earlier than BLN-AL20C00B357" - } - ] - } - } - ] - }, - "vendor_name" : "Huawei Technologies Co., Ltd." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Honor 6X smartphones with software versions earlier than BLN-AL10C00B357 and versions earlier than BLN-AL20C00B357 have an information leak vulnerability due to improper file permission configuration. An attacker tricks a user into installing a malicious application on the smart phone, and the application can get the file that keep the cipher text of the SIM card PIN." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Leak" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@huawei.com", + "DATE_PUBLIC": "2017-11-15T00:00:00", + "ID": "CVE-2017-2733", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Honor 6X", + "version": { + "version_data": [ + { + "version_value": "Versions earlier than BLN-AL10C00B357, Versions earlier than BLN-AL20C00B357" + } + ] + } + } + ] + }, + "vendor_name": "Huawei Technologies Co., Ltd." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170405-02-smartphone-en", - "refsource" : "CONFIRM", - "url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170405-02-smartphone-en" - }, - { - "name" : "97700", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97700" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Honor 6X smartphones with software versions earlier than BLN-AL10C00B357 and versions earlier than BLN-AL20C00B357 have an information leak vulnerability due to improper file permission configuration. An attacker tricks a user into installing a malicious application on the smart phone, and the application can get the file that keep the cipher text of the SIM card PIN." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Leak" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170405-02-smartphone-en", + "refsource": "CONFIRM", + "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170405-02-smartphone-en" + }, + { + "name": "97700", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97700" + } + ] + } +} \ No newline at end of file diff --git a/2017/2xxx/CVE-2017-2759.json b/2017/2xxx/CVE-2017-2759.json index 70291ecc4af..4922246ed33 100644 --- a/2017/2xxx/CVE-2017-2759.json +++ b/2017/2xxx/CVE-2017-2759.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-2759", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-2759", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/2xxx/CVE-2017-2880.json b/2017/2xxx/CVE-2017-2880.json index e6d0c60292d..949b80f4244 100644 --- a/2017/2xxx/CVE-2017-2880.json +++ b/2017/2xxx/CVE-2017-2880.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "talos-cna@cisco.com", - "DATE_PUBLIC" : "2017-10-05T00:00:00", - "ID" : "CVE-2017-2880", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Computerinsel Photoline", - "version" : { - "version_data" : [ - { - "version_value" : "20.02" - } - ] - } - } - ] - }, - "vendor_name" : "Talos" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An memory corruption vulnerability exists in the .GIF parsing functionality of Computerinsel Photoline 20.02. A specially crafted .GIF file can cause a vulnerability resulting in potential code execution. An attacker can send specific .GIF file to trigger this vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "remote code execution" - } + "CVE_data_meta": { + "ASSIGNER": "talos-cna@cisco.com", + "DATE_PUBLIC": "2017-10-05T00:00:00", + "ID": "CVE-2017-2880", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Computerinsel Photoline", + "version": { + "version_data": [ + { + "version_value": "20.02" + } + ] + } + } + ] + }, + "vendor_name": "Talos" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0387", - "refsource" : "MISC", - "url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0387" - }, - { - "name" : "101188", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101188" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An memory corruption vulnerability exists in the .GIF parsing functionality of Computerinsel Photoline 20.02. A specially crafted .GIF file can cause a vulnerability resulting in potential code execution. An attacker can send specific .GIF file to trigger this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "remote code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0387", + "refsource": "MISC", + "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0387" + }, + { + "name": "101188", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101188" + } + ] + } +} \ No newline at end of file diff --git a/2017/6xxx/CVE-2017-6357.json b/2017/6xxx/CVE-2017-6357.json index d8f8c00f163..45f92f4922e 100644 --- a/2017/6xxx/CVE-2017-6357.json +++ b/2017/6xxx/CVE-2017-6357.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-6357", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-6357", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/6xxx/CVE-2017-6663.json b/2017/6xxx/CVE-2017-6663.json index 54301f696cf..151b30698ee 100644 --- a/2017/6xxx/CVE-2017-6663.json +++ b/2017/6xxx/CVE-2017-6663.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@cisco.com", - "ID" : "CVE-2017-6663", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cisco IOS and IOS XE", - "version" : { - "version_data" : [ - { - "version_value" : "Cisco IOS and IOS XE" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in a denial of service (DoS) condition. More Information: CSCvd88936. Known Affected Releases: Denali-16.2.1 Denali-16.3.1." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Denial of Service Vulnerability" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2017-6663", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco IOS and IOS XE", + "version": { + "version_data": [ + { + "version_value": "Cisco IOS and IOS XE" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170726-anidos", - "refsource" : "CONFIRM", - "url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170726-anidos" - }, - { - "name" : "99973", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/99973" - }, - { - "name" : "1038999", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038999" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in a denial of service (DoS) condition. More Information: CSCvd88936. Known Affected Releases: Denali-16.2.1 Denali-16.3.1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service Vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1038999", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038999" + }, + { + "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170726-anidos", + "refsource": "CONFIRM", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170726-anidos" + }, + { + "name": "99973", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/99973" + } + ] + } +} \ No newline at end of file diff --git a/2018/11xxx/CVE-2018-11161.json b/2018/11xxx/CVE-2018-11161.json index 930d2b235e0..394d22f9a3c 100644 --- a/2018/11xxx/CVE-2018-11161.json +++ b/2018/11xxx/CVE-2018-11161.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-11161", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 19 of 46)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-11161", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20180531 [CORE-2018-0002] - Quest DR Series Disk Backup Multiple Vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2018/May/71" - }, - { - "name" : "http://packetstormsecurity.com/files/148003/Quest-DR-Series-Disk-Backup-Software-4.0.3-Code-Execution.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/148003/Quest-DR-Series-Disk-Backup-Software-4.0.3-Code-Execution.html" - }, - { - "name" : "https://www.coresecurity.com/advisories/quest-dr-series-disk-backup-multiple-vulnerabilities", - "refsource" : "MISC", - "url" : "https://www.coresecurity.com/advisories/quest-dr-series-disk-backup-multiple-vulnerabilities" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 19 of 46)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20180531 [CORE-2018-0002] - Quest DR Series Disk Backup Multiple Vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2018/May/71" + }, + { + "name": "http://packetstormsecurity.com/files/148003/Quest-DR-Series-Disk-Backup-Software-4.0.3-Code-Execution.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/148003/Quest-DR-Series-Disk-Backup-Software-4.0.3-Code-Execution.html" + }, + { + "name": "https://www.coresecurity.com/advisories/quest-dr-series-disk-backup-multiple-vulnerabilities", + "refsource": "MISC", + "url": "https://www.coresecurity.com/advisories/quest-dr-series-disk-backup-multiple-vulnerabilities" + } + ] + } +} \ No newline at end of file diff --git a/2018/11xxx/CVE-2018-11238.json b/2018/11xxx/CVE-2018-11238.json index 069642569ee..a5cbb58802f 100644 --- a/2018/11xxx/CVE-2018-11238.json +++ b/2018/11xxx/CVE-2018-11238.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-11238", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-11238", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/11xxx/CVE-2018-11553.json b/2018/11xxx/CVE-2018-11553.json index acc2ca2ba12..415c9be7434 100644 --- a/2018/11xxx/CVE-2018-11553.json +++ b/2018/11xxx/CVE-2018-11553.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-11553", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SGIN.CN xiangyun platform V9.4.10 has XSS via the login_url parameter to /login.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-11553", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/helloheary/SGIN.CN-V9.4.10-product-has-XSS-in-login-page/blob/master/README.md", - "refsource" : "MISC", - "url" : "https://github.com/helloheary/SGIN.CN-V9.4.10-product-has-XSS-in-login-page/blob/master/README.md" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SGIN.CN xiangyun platform V9.4.10 has XSS via the login_url parameter to /login.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/helloheary/SGIN.CN-V9.4.10-product-has-XSS-in-login-page/blob/master/README.md", + "refsource": "MISC", + "url": "https://github.com/helloheary/SGIN.CN-V9.4.10-product-has-XSS-in-login-page/blob/master/README.md" + } + ] + } +} \ No newline at end of file diff --git a/2018/11xxx/CVE-2018-11574.json b/2018/11xxx/CVE-2018-11574.json index 61b2a26b017..fe01baf3776 100644 --- a/2018/11xxx/CVE-2018-11574.json +++ b/2018/11xxx/CVE-2018-11574.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-11574", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure, or authentication bypass. This implementation is distributed as a patch for PPPD 0.91, and includes the affected eap.c and eap-tls.c files. Configurations that use the `refuse-app` option are unaffected." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-11574", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20180611 Buffer Overflow in pppd EAP-TLS implementation", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2018/06/11/1" - }, - { - "name" : "USN-3810-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3810-1/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure, or authentication bypass. This implementation is distributed as a patch for PPPD 0.91, and includes the affected eap.c and eap-tls.c files. Configurations that use the `refuse-app` option are unaffected." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-3810-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3810-1/" + }, + { + "name": "[oss-security] 20180611 Buffer Overflow in pppd EAP-TLS implementation", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2018/06/11/1" + } + ] + } +} \ No newline at end of file diff --git a/2018/11xxx/CVE-2018-11580.json b/2018/11xxx/CVE-2018-11580.json index 97435718ba5..1f3afdcbecf 100644 --- a/2018/11xxx/CVE-2018-11580.json +++ b/2018/11xxx/CVE-2018-11580.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-11580", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in mass-pages-posts-creator.php in the MULTIDOTS Mass Pages/Posts Creator plugin 1.2.2 for WordPress. Any logged in user can launch Mass Pages/Posts creation with custom content. There is no nonce or user capability check, so anyone can launch a DoS attack against a site and create hundreds of thousands of posts with custom content." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-11580", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://labs.threatpress.com/mass-pages-posts-creator/", - "refsource" : "MISC", - "url" : "http://labs.threatpress.com/mass-pages-posts-creator/" - }, - { - "name" : "https://wordpress.org/plugins/mass-pagesposts-creator/#developers", - "refsource" : "MISC", - "url" : "https://wordpress.org/plugins/mass-pagesposts-creator/#developers" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in mass-pages-posts-creator.php in the MULTIDOTS Mass Pages/Posts Creator plugin 1.2.2 for WordPress. Any logged in user can launch Mass Pages/Posts creation with custom content. There is no nonce or user capability check, so anyone can launch a DoS attack against a site and create hundreds of thousands of posts with custom content." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://wordpress.org/plugins/mass-pagesposts-creator/#developers", + "refsource": "MISC", + "url": "https://wordpress.org/plugins/mass-pagesposts-creator/#developers" + }, + { + "name": "http://labs.threatpress.com/mass-pages-posts-creator/", + "refsource": "MISC", + "url": "http://labs.threatpress.com/mass-pages-posts-creator/" + } + ] + } +} \ No newline at end of file diff --git a/2018/11xxx/CVE-2018-11639.json b/2018/11xxx/CVE-2018-11639.json index 3a77dc0f30a..2798dcee447 100644 --- a/2018/11xxx/CVE-2018-11639.json +++ b/2018/11xxx/CVE-2018-11639.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-11639", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Plaintext Storage of Passwords within Cookies in /var/www/xms/application/controllers/verifyLogin.php in the administrative console in Dialogic PowerMedia XMS before 3.5 SU2 allows remote attackers to access a user's password in cleartext." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-11639", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://d3adend.org/blog/?p=1398", - "refsource" : "MISC", - "url" : "https://d3adend.org/blog/?p=1398" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Plaintext Storage of Passwords within Cookies in /var/www/xms/application/controllers/verifyLogin.php in the administrative console in Dialogic PowerMedia XMS before 3.5 SU2 allows remote attackers to access a user's password in cleartext." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://d3adend.org/blog/?p=1398", + "refsource": "MISC", + "url": "https://d3adend.org/blog/?p=1398" + } + ] + } +} \ No newline at end of file diff --git a/2018/11xxx/CVE-2018-11736.json b/2018/11xxx/CVE-2018-11736.json index abbcf2a731b..73d9d525fab 100644 --- a/2018/11xxx/CVE-2018-11736.json +++ b/2018/11xxx/CVE-2018-11736.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-11736", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Pluck before 4.7.7-dev2. /data/inc/images.php allows remote attackers to upload and execute arbitrary PHP code by using the image/jpeg content type for a .htaccess file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-11736", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/pluck-cms/pluck/issues/61", - "refsource" : "CONFIRM", - "url" : "https://github.com/pluck-cms/pluck/issues/61" - }, - { - "name" : "https://github.com/pluck-cms/pluck/releases/tag/4.7.7-dev2", - "refsource" : "CONFIRM", - "url" : "https://github.com/pluck-cms/pluck/releases/tag/4.7.7-dev2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Pluck before 4.7.7-dev2. /data/inc/images.php allows remote attackers to upload and execute arbitrary PHP code by using the image/jpeg content type for a .htaccess file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/pluck-cms/pluck/issues/61", + "refsource": "CONFIRM", + "url": "https://github.com/pluck-cms/pluck/issues/61" + }, + { + "name": "https://github.com/pluck-cms/pluck/releases/tag/4.7.7-dev2", + "refsource": "CONFIRM", + "url": "https://github.com/pluck-cms/pluck/releases/tag/4.7.7-dev2" + } + ] + } +} \ No newline at end of file diff --git a/2018/14xxx/CVE-2018-14065.json b/2018/14xxx/CVE-2018-14065.json index a10ffaf68a8..a22cc5de251 100644 --- a/2018/14xxx/CVE-2018-14065.json +++ b/2018/14xxx/CVE-2018-14065.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-14065", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "XMLReader.php in PHPOffice Common before 0.2.9 allows XXE." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-14065", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/PHPOffice/Common/pull/23", - "refsource" : "MISC", - "url" : "https://github.com/PHPOffice/Common/pull/23" - }, - { - "name" : "https://github.com/PHPOffice/Common/releases/tag/0.2.9", - "refsource" : "MISC", - "url" : "https://github.com/PHPOffice/Common/releases/tag/0.2.9" - }, - { - "name" : "https://github.com/PHPOffice/PHPWord/issues/1421", - "refsource" : "MISC", - "url" : "https://github.com/PHPOffice/PHPWord/issues/1421" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "XMLReader.php in PHPOffice Common before 0.2.9 allows XXE." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/PHPOffice/Common/releases/tag/0.2.9", + "refsource": "MISC", + "url": "https://github.com/PHPOffice/Common/releases/tag/0.2.9" + }, + { + "name": "https://github.com/PHPOffice/PHPWord/issues/1421", + "refsource": "MISC", + "url": "https://github.com/PHPOffice/PHPWord/issues/1421" + }, + { + "name": "https://github.com/PHPOffice/Common/pull/23", + "refsource": "MISC", + "url": "https://github.com/PHPOffice/Common/pull/23" + } + ] + } +} \ No newline at end of file diff --git a/2018/14xxx/CVE-2018-14484.json b/2018/14xxx/CVE-2018-14484.json index de1810844ad..5387f375a65 100644 --- a/2018/14xxx/CVE-2018-14484.json +++ b/2018/14xxx/CVE-2018-14484.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-14484", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-14484", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/14xxx/CVE-2018-14800.json b/2018/14xxx/CVE-2018-14800.json index b6f84e081f3..5ee7917cf96 100644 --- a/2018/14xxx/CVE-2018-14800.json +++ b/2018/14xxx/CVE-2018-14800.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "ics-cert@hq.dhs.gov", - "DATE_PUBLIC" : "2018-10-02T00:00:00", - "ID" : "CVE-2018-14800", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "ISPSoft", - "version" : { - "version_data" : [ - { - "version_value" : "Version 3.0.5 and prior" - } - ] - } - } - ] - }, - "vendor_name" : "Delta Electronics" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Delta Electronics ISPSoft version 3.0.5 and prior allow an attacker, by opening a crafted file, to cause the application to read past the boundary allocated to a stack object, which could allow execution of code under the context of the application." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "STACK-BASED BUFFER OVERFLOW CWE-121" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "DATE_PUBLIC": "2018-10-02T00:00:00", + "ID": "CVE-2018-14800", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "ISPSoft", + "version": { + "version_data": [ + { + "version_value": "Version 3.0.5 and prior" + } + ] + } + } + ] + }, + "vendor_name": "Delta Electronics" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-275-01", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-275-01" - }, - { - "name" : "105485", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/105485" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Delta Electronics ISPSoft version 3.0.5 and prior allow an attacker, by opening a crafted file, to cause the application to read past the boundary allocated to a stack object, which could allow execution of code under the context of the application." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "STACK-BASED BUFFER OVERFLOW CWE-121" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-275-01", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-275-01" + }, + { + "name": "105485", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/105485" + } + ] + } +} \ No newline at end of file diff --git a/2018/14xxx/CVE-2018-14850.json b/2018/14xxx/CVE-2018-14850.json index 5be73332a92..48fdffe95c6 100644 --- a/2018/14xxx/CVE-2018-14850.json +++ b/2018/14xxx/CVE-2018-14850.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-14850", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stored XSS vulnerabilities in Tiki before 18.2, 15.7 and 12.14 allow an authenticated user injecting JavaScript to gain administrator privileges if an administrator opens a wiki page and moves the mouse pointer over a modified link or thumb image." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-14850", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20180802 Re: Stored XSS vulnerabilities in Tiki <= 18.1", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2018/08/02/2" - }, - { - "name" : "[oss-security] 20180802 Stored XSS vulnerabilities in Tiki <= 18.1", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2018/08/02/1" - }, - { - "name" : "https://sourceforge.net/p/tikiwiki/code/66990", - "refsource" : "CONFIRM", - "url" : "https://sourceforge.net/p/tikiwiki/code/66990" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stored XSS vulnerabilities in Tiki before 18.2, 15.7 and 12.14 allow an authenticated user injecting JavaScript to gain administrator privileges if an administrator opens a wiki page and moves the mouse pointer over a modified link or thumb image." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://sourceforge.net/p/tikiwiki/code/66990", + "refsource": "CONFIRM", + "url": "https://sourceforge.net/p/tikiwiki/code/66990" + }, + { + "name": "[oss-security] 20180802 Stored XSS vulnerabilities in Tiki <= 18.1", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2018/08/02/1" + }, + { + "name": "[oss-security] 20180802 Re: Stored XSS vulnerabilities in Tiki <= 18.1", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2018/08/02/2" + } + ] + } +} \ No newline at end of file diff --git a/2018/14xxx/CVE-2018-14930.json b/2018/14xxx/CVE-2018-14930.json index b59175cdd41..a63506356b3 100644 --- a/2018/14xxx/CVE-2018-14930.json +++ b/2018/14xxx/CVE-2018-14930.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-14930", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-14930", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/15xxx/CVE-2018-15023.json b/2018/15xxx/CVE-2018-15023.json index 606c6bca39d..f35e5a49b25 100644 --- a/2018/15xxx/CVE-2018-15023.json +++ b/2018/15xxx/CVE-2018-15023.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-15023", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-15023", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/15xxx/CVE-2018-15064.json b/2018/15xxx/CVE-2018-15064.json index a563c908915..b93c8fff83b 100644 --- a/2018/15xxx/CVE-2018-15064.json +++ b/2018/15xxx/CVE-2018-15064.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-15064", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-15064", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/15xxx/CVE-2018-15439.json b/2018/15xxx/CVE-2018-15439.json index 33a0f780516..5ecad06888c 100644 --- a/2018/15xxx/CVE-2018-15439.json +++ b/2018/15xxx/CVE-2018-15439.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@cisco.com", - "DATE_PUBLIC" : "2018-11-07T16:00:00-0600", - "ID" : "CVE-2018-15439", - "STATE" : "PUBLIC", - "TITLE" : "Cisco Small Business Switches Privileged Access Vulnerability" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cisco Small Business 300 Series Managed Switches ", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "Cisco" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote attacker to bypass the user authentication mechanism of an affected device. The vulnerability exists because under specific circumstances, the affected software enables a privileged user account without notifying administrators of the system. An attacker could exploit this vulnerability by using this account to log in to an affected device and execute commands with full admin rights. Cisco has not released software updates that address this vulnerability. This advisory will be updated with fixed software information once fixed software becomes available. There is a workaround to address this vulnerability." - } - ] - }, - "exploit" : [ - { - "lang" : "eng", - "value" : "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " - } - ], - "impact" : { - "cvss" : { - "baseScore" : "9.8", - "vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H ", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-798" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2018-11-07T16:00:00-0600", + "ID": "CVE-2018-15439", + "STATE": "PUBLIC", + "TITLE": "Cisco Small Business Switches Privileged Access Vulnerability" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Small Business 300 Series Managed Switches ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20181107 Cisco Small Business Switches Privileged Access Vulnerability", - "refsource" : "CISCO", - "url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-sbsw-privacc" - }, - { - "name" : "105873", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/105873" - } - ] - }, - "source" : { - "advisory" : "cisco-sa-20181107-sbsw-privacc", - "defect" : [ - [ - "CSCvk20713", - "CSCvm11846" - ] - ], - "discovery" : "INTERNAL" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote attacker to bypass the user authentication mechanism of an affected device. The vulnerability exists because under specific circumstances, the affected software enables a privileged user account without notifying administrators of the system. An attacker could exploit this vulnerability by using this account to log in to an affected device and execute commands with full admin rights. Cisco has not released software updates that address this vulnerability. This advisory will be updated with fixed software information once fixed software becomes available. There is a workaround to address this vulnerability." + } + ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "9.8", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-798" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "105873", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/105873" + }, + { + "name": "20181107 Cisco Small Business Switches Privileged Access Vulnerability", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-sbsw-privacc" + } + ] + }, + "source": { + "advisory": "cisco-sa-20181107-sbsw-privacc", + "defect": [ + [ + "CSCvk20713", + "CSCvm11846" + ] + ], + "discovery": "INTERNAL" + } +} \ No newline at end of file diff --git a/2018/15xxx/CVE-2018-15597.json b/2018/15xxx/CVE-2018-15597.json index 0958838d8cd..655019654f3 100644 --- a/2018/15xxx/CVE-2018-15597.json +++ b/2018/15xxx/CVE-2018-15597.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-15597", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-15597", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20370.json b/2018/20xxx/CVE-2018-20370.json index 1ec05ef1c30..1fc709dd9fc 100644 --- a/2018/20xxx/CVE-2018-20370.json +++ b/2018/20xxx/CVE-2018-20370.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-20370", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SZ NetChat before 7.9 has XSS in the MyName input field of the Options module. Attackers are able to inject commands to compromise the enabled HTTP server web frontend." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20370", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.vulnerability-lab.com/get_content.php?id=2171", - "refsource" : "MISC", - "url" : "https://www.vulnerability-lab.com/get_content.php?id=2171" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SZ NetChat before 7.9 has XSS in the MyName input field of the Options module. Attackers are able to inject commands to compromise the enabled HTTP server web frontend." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.vulnerability-lab.com/get_content.php?id=2171", + "refsource": "MISC", + "url": "https://www.vulnerability-lab.com/get_content.php?id=2171" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20614.json b/2018/20xxx/CVE-2018-20614.json index 51753028527..81e509aab5c 100644 --- a/2018/20xxx/CVE-2018-20614.json +++ b/2018/20xxx/CVE-2018-20614.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-20614", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "public\\install\\install.php in CIM 0.9.3 allows remote attackers to reload the product via the public/install/#/step3 URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20614", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/AvaterXXX/CVEs/blob/master/cim.md#reload-application", - "refsource" : "MISC", - "url" : "https://github.com/AvaterXXX/CVEs/blob/master/cim.md#reload-application" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "public\\install\\install.php in CIM 0.9.3 allows remote attackers to reload the product via the public/install/#/step3 URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/AvaterXXX/CVEs/blob/master/cim.md#reload-application", + "refsource": "MISC", + "url": "https://github.com/AvaterXXX/CVEs/blob/master/cim.md#reload-application" + } + ] + } +} \ No newline at end of file diff --git a/2018/8xxx/CVE-2018-8197.json b/2018/8xxx/CVE-2018-8197.json index d74bdc81a5f..ce4c23b80bc 100644 --- a/2018/8xxx/CVE-2018-8197.json +++ b/2018/8xxx/CVE-2018-8197.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-8197", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-8197", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/8xxx/CVE-2018-8325.json b/2018/8xxx/CVE-2018-8325.json index 9addd21784f..38baecc933c 100644 --- a/2018/8xxx/CVE-2018-8325.json +++ b/2018/8xxx/CVE-2018-8325.json @@ -1,75 +1,75 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "Secure@Microsoft.com", - "ID" : "CVE-2018-8325", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Microsoft Edge", - "version" : { - "version_data" : [ - { - "version_value" : "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1803 for x64-based Systems" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka \"Microsoft Edge Information Disclosure Vulnerability.\" This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8289, CVE-2018-8297, CVE-2018-8324." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2018-8325", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Edge", + "version": { + "version_data": [ + { + "version_value": "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1803 for x64-based Systems" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8325", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8325" - }, - { - "name" : "104651", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104651" - }, - { - "name" : "1041255", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041255" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka \"Microsoft Edge Information Disclosure Vulnerability.\" This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8289, CVE-2018-8297, CVE-2018-8324." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "104651", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104651" + }, + { + "name": "1041255", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041255" + }, + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8325", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8325" + } + ] + } +} \ No newline at end of file diff --git a/2018/8xxx/CVE-2018-8742.json b/2018/8xxx/CVE-2018-8742.json index aa3f926a20f..42418e8f48e 100644 --- a/2018/8xxx/CVE-2018-8742.json +++ b/2018/8xxx/CVE-2018-8742.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-8742", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-8742", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/8xxx/CVE-2018-8745.json b/2018/8xxx/CVE-2018-8745.json index a08500cb24f..3c3d87d5fdc 100644 --- a/2018/8xxx/CVE-2018-8745.json +++ b/2018/8xxx/CVE-2018-8745.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-8745", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-8745", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file