admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:23:47 +00:00
parent db35e7081b
commit fff8f5014b
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
60 changed files with 4372 additions and 4372 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
2001/1xxx/CVE-2001-1072.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2001-1072",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1072",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Apache with mod_rewrite enabled on most UNIX systems allows remote attackers to bypass RewriteRules by inserting extra / (slash) characters into the requested path, which causes the regular expression in the RewriteRule to fail."
"lang": "eng",
"value": "Apache with mod_rewrite enabled on most UNIX systems allows remote attackers to bypass RewriteRules by inserting extra / (slash) characters into the requested path, which causes the regular expression in the RewriteRule to fail."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20010812 Are your mod_rewrite rules doing what you expect?",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/203955"
"name": "http://www.apacheweek.com/issues/02-02-01#security",
"refsource": "CONFIRM",
"url": "http://www.apacheweek.com/issues/02-02-01#security"
},
{
"name" : "http://www.apacheweek.com/issues/02-02-01#security",
"refsource" : "CONFIRM",
"url" : "http://www.apacheweek.com/issues/02-02-01#security"
"name": "3176",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3176"
},
{
"name" : "3176",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/3176"
"name": "20010812 Are your mod_rewrite rules doing what you expect?",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/203955"
},
{
"name" : "apache-rewrite-bypass-directives(8633)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/8633"
"name": "apache-rewrite-bypass-directives(8633)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8633"
}
]
}

80
2001/1xxx/CVE-2001-1323.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2001-1323",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1323",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via base-64 encoded data, which is not properly handled when the radix_encode function processes file glob output from the ftpglob function."
"lang": "eng",
"value": "Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via base-64 encoded data, which is not properly handled when the radix_encode function processes file glob output from the ftpglob function."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20010426 Security advisory: krb5 ftpd buffer overflows",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=98826223517788&w=2"
"name": "RHSA-2001:060",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2001-060.html"
},
{
"name" : "IMNX-2001-70-022-01",
"refsource" : "IMMUNIX",
"url" : "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-022-01"
"name": "20010426 Security advisory: krb5 ftpd buffer overflows",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=98826223517788&w=2"
},
{
"name" : "http://web.mit.edu/kerberos/www/advisories/ftpbuf.txt",
"refsource" : "CONFIRM",
"url" : "http://web.mit.edu/kerberos/www/advisories/ftpbuf.txt"
"name": "http://web.mit.edu/kerberos/www/advisories/ftpbuf.txt",
"refsource": "CONFIRM",
"url": "http://web.mit.edu/kerberos/www/advisories/ftpbuf.txt"
},
{
"name" : "RHSA-2001:060",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2001-060.html"
"name": "IMNX-2001-70-022-01",
"refsource": "IMMUNIX",
"url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-022-01"
}
]
}

80
2001/1xxx/CVE-2001-1453.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2001-1453",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1453",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier allows remote attackers to execute arbitrary code via a long host parameter."
"lang": "eng",
"value": "Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier allows remote attackers to execute arbitrary code via a long host parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20010209 Some more MySql security issues",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/161917"
"name": "VU#123384",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/123384"
},
{
"name" : "http://dev.mysql.com/doc/mysql/en/news-3-23-33.html",
"refsource" : "CONFIRM",
"url" : "http://dev.mysql.com/doc/mysql/en/news-3-23-33.html"
"name": "mysql-libmysqlclient-bo(6418)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6418"
},
{
"name" : "VU#123384",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/123384"
"name": "20010209 Some more MySql security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/161917"
},
{
"name" : "mysql-libmysqlclient-bo(6418)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6418"
"name": "http://dev.mysql.com/doc/mysql/en/news-3-23-33.html",
"refsource": "CONFIRM",
"url": "http://dev.mysql.com/doc/mysql/en/news-3-23-33.html"
}
]
}

62
2001/1xxx/CVE-2001-1578.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2001-1578",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1578",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors."
"lang": "eng",
"value": "Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "CSSA-2001-SCO.35",
"refsource" : "CALDERA",
"url" : "http://archives.neohapsis.com/archives/linux/caldera/2001-q4/0014.html"
"name": "CSSA-2001-SCO.35",
"refsource": "CALDERA",
"url": "http://archives.neohapsis.com/archives/linux/caldera/2001-q4/0014.html"
}
]
}

74
2006/2xxx/CVE-2006-2037.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2037",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2037",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in index.php in Thwboard 3.0 Beta 2.84 allows remote attackers to inject arbitrary web script or HTML via the navpath parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php in Thwboard 3.0 Beta 2.84 allows remote attackers to inject arbitrary web script or HTML via the navpath parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060420 ThWboard 3 Beta 2.84 Cross Site Scripting",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/431509/100/0/threaded"
"name": "17627",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17627"
},
{
"name" : "17627",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17627"
"name": "thwboard-index-xss(25953)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25953"
},
{
"name" : "thwboard-index-xss(25953)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25953"
"name": "20060420 ThWboard 3 Beta 2.84 Cross Site Scripting",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/431509/100/0/threaded"
}
]
}

104
2006/2xxx/CVE-2006-2633.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2633",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2633",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Absolute path traversal vulnerability in the copy action in index.php in Andrew Godwin ByteHoard 2.1 and earlier allows remote authenticated users to create or overwrite files in other users' directories by specifying the absolute path of the directory in the infolder parameter and simultaneously specifying the filename in the filepath parameter."
"lang": "eng",
"value": "Absolute path traversal vulnerability in the copy action in index.php in Andrew Godwin ByteHoard 2.1 and earlier allows remote authenticated users to create or overwrite files in other users' directories by specifying the absolute path of the directory in the infolder parameter and simultaneously specifying the filename in the filepath parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060523 ByteHoard <= 2.1 multiple vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/435135/100/0/threaded"
"name": "ADV-2006-2033",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2033"
},
{
"name" : "http://sourceforge.net/forum/forum.php?forum_id=576219",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/forum/forum.php?forum_id=576219"
"name": "20060523 ByteHoard <= 2.1 multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435135/100/0/threaded"
},
{
"name" : "http://sourceforge.net/project/shownotes.php?release_id=420549&group_id=90199",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=420549&group_id=90199"
"name": "http://sourceforge.net/forum/forum.php?forum_id=576219",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/forum/forum.php?forum_id=576219"
},
{
"name" : "18139",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18139"
"name": "18139",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18139"
},
{
"name" : "ADV-2006-2033",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2033"
"name": "bytehoard-index-directory-traversal(26705)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26705"
},
{
"name" : "20304",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20304"
"name": "20304",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20304"
},
{
"name" : "968",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/968"
"name": "968",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/968"
},
{
"name" : "bytehoard-index-directory-traversal(26705)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26705"
"name": "http://sourceforge.net/project/shownotes.php?release_id=420549&group_id=90199",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=420549&group_id=90199"
}
]
}

86
2006/2xxx/CVE-2006-2880.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2880",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2880",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Contributed Packages for PyBlosxom 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the Comments plugin in the (1) url and (2) author fields."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Contributed Packages for PyBlosxom 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the Comments plugin in the (1) url and (2) author fields."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://sourceforge.net/project/shownotes.php?release_id=422015",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=422015"
"name": "http://sourceforge.net/project/shownotes.php?release_id=422015",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=422015"
},
{
"name" : "18292",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18292"
"name": "18292",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18292"
},
{
"name" : "ADV-2006-2153",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2153"
"name": "ADV-2006-2153",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2153"
},
{
"name" : "20436",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20436"
"name": "pyblosxom-comments-xss(26945)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26945"
},
{
"name" : "pyblosxom-comments-xss(26945)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26945"
"name": "20436",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20436"
}
]
}

92
2006/2xxx/CVE-2006-2986.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2986",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2986",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Baby Katie Media (a) very Simple Car Lister (vSCAL) 1.0 and (b) very simple Realty Lister (vsREAL) 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) lid parameter in index.php and the (2) title parameter in myslideshow.php."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Baby Katie Media (a) very Simple Car Lister (vSCAL) 1.0 and (b) very simple Realty Lister (vsREAL) 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) lid parameter in index.php and the (2) title parameter in myslideshow.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060607 Babykatmedia.com scripts - vSCAL & vREAL - XSS Vulns",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/436411/100/0/threaded"
"name": "ADV-2006-2238",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2238"
},
{
"name" : "18350",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18350"
"name": "20533",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20533"
},
{
"name" : "ADV-2006-2238",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2238"
"name": "18350",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18350"
},
{
"name" : "20533",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20533"
"name": "1084",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1084"
},
{
"name" : "1084",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1084"
"name": "20060607 Babykatmedia.com scripts - vSCAL & vREAL - XSS Vulns",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/436411/100/0/threaded"
},
{
"name" : "vscal-vsreal-index-myslideshow-xss(27095)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27095"
"name": "vscal-vsreal-index-myslideshow-xss(27095)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27095"
}
]
}

110
2006/6xxx/CVE-2006-6047.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6047",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6047",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in manager/index.php in Etomite 0.6.1.2 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the f parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php."
"lang": "eng",
"value": "Directory traversal vulnerability in manager/index.php in Etomite 0.6.1.2 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the f parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061116 Etomite CMS 0.6.1.2 Multiple Vulnerabilities ( Sql Injection + Local file inclusion )",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/451838/100/0/threaded"
"name": "22885",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22885"
},
{
"name" : "20061117 Re: Etomite CMS 0.6.1.2 Multiple Vulnerabilities ( Sql Injection + Local file inclusion )",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/451930/100/0/threaded"
"name": "2790",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2790"
},
{
"name" : "http://www.0xcafebabe.it/sploits/etm_0612_remote_com.pl",
"refsource" : "MISC",
"url" : "http://www.0xcafebabe.it/sploits/etm_0612_remote_com.pl"
"name": "20061117 Re: Etomite CMS 0.6.1.2 Multiple Vulnerabilities ( Sql Injection + Local file inclusion )",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451930/100/0/threaded"
},
{
"name" : "http://www.etomite.org/forums/index.php?showtopic=6388",
"refsource" : "MISC",
"url" : "http://www.etomite.org/forums/index.php?showtopic=6388"
"name": "http://www.0xcafebabe.it/sploits/etm_0612_remote_com.pl",
"refsource": "MISC",
"url": "http://www.0xcafebabe.it/sploits/etm_0612_remote_com.pl"
},
{
"name" : "2790",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2790"
"name": "21135",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21135"
},
{
"name" : "21135",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21135"
"name": "ADV-2006-4558",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4558"
},
{
"name" : "ADV-2006-4558",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4558"
"name": "http://www.etomite.org/forums/index.php?showtopic=6388",
"refsource": "MISC",
"url": "http://www.etomite.org/forums/index.php?showtopic=6388"
},
{
"name" : "22885",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22885"
"name": "etomite-index-file-include(30329)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30329"
},
{
"name" : "etomite-index-file-include(30329)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30329"
"name": "20061116 Etomite CMS 0.6.1.2 Multiple Vulnerabilities ( Sql Injection + Local file inclusion )",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451838/100/0/threaded"
}
]
}

86
2006/6xxx/CVE-2006-6063.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6063",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6063",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in Un4seen XMPlay 3.3.0.5 and earlier allows remote attackers to execute arbitrary code via a M3U file containing a long (1) FileName, and cause a crash via a long (2) DisplayName."
"lang": "eng",
"value": "Stack-based buffer overflow in Un4seen XMPlay 3.3.0.5 and earlier allows remote attackers to execute arbitrary code via a M3U file containing a long (1) FileName, and cause a crash via a long (2) DisplayName."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "2815",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2815"
"name": "21206",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21206"
},
{
"name" : "21206",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21206"
"name": "ADV-2006-4636",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4636"
},
{
"name" : "ADV-2006-4636",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4636"
"name": "2815",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2815"
},
{
"name" : "22999",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22999"
"name": "xmplay-m3u-bo(30436)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30436"
},
{
"name" : "xmplay-m3u-bo(30436)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30436"
"name": "22999",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22999"
}
]
}

98
2006/6xxx/CVE-2006-6208.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6208",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6208",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in Enthrallweb eClassifieds allow remote attackers to execute arbitrary SQL commands via the (1) AD_ID, (2) cat_id, (3) sub_id, and (4) ad_id parameters to (a) ad.asp, the (5) cid parameter to (b) dircat.asp, and the (6) sid parameter to (c) dirSub.asp."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in Enthrallweb eClassifieds allow remote attackers to execute arbitrary SQL commands via the (1) AD_ID, (2) cat_id, (3) sub_id, and (4) ad_id parameters to (a) ad.asp, the (5) cid parameter to (b) dircat.asp, and the (6) sid parameter to (c) dirSub.asp."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061119 eClassifieds [injection sql]",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/452102/100/100/threaded"
"name": "23050",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23050"
},
{
"name" : "http://s-a-p.ca/index.php?page=OurAdvisories&id=46",
"refsource" : "MISC",
"url" : "http://s-a-p.ca/index.php?page=OurAdvisories&id=46"
"name": "21192",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21192"
},
{
"name" : "21192",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21192"
"name": "20061119 eClassifieds [injection sql]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/452102/100/100/threaded"
},
{
"name" : "ADV-2006-4642",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4642"
"name": "http://s-a-p.ca/index.php?page=OurAdvisories&id=46",
"refsource": "MISC",
"url": "http://s-a-p.ca/index.php?page=OurAdvisories&id=46"
},
{
"name" : "23050",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23050"
"name": "1943",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1943"
},
{
"name" : "1943",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1943"
"name": "eclassifieds-ad-sql-injection(30423)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30423"
},
{
"name" : "eclassifieds-ad-sql-injection(30423)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30423"
"name": "ADV-2006-4642",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4642"
}
]
}

92
2006/6xxx/CVE-2006-6359.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6359",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6359",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Stefan Frech online-bookmarks 0.6.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Stefan Frech online-bookmarks 0.6.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061203 Online BookMarks Multiple SQL Injection/XSS Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=116525508018486&w=2"
"name": "23169",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23169"
},
{
"name" : "http://www.vigilon.com/resources/120406.html",
"refsource" : "MISC",
"url" : "http://www.vigilon.com/resources/120406.html"
"name": "21422",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21422"
},
{
"name" : "21422",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21422"
"name": "ADV-2006-4849",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4849"
},
{
"name" : "ADV-2006-4849",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4849"
"name": "20061203 Online BookMarks Multiple SQL Injection/XSS Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=116525508018486&w=2"
},
{
"name" : "23169",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23169"
"name": "onlinebookmarks-login-xss(30697)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30697"
},
{
"name" : "onlinebookmarks-login-xss(30697)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30697"
"name": "http://www.vigilon.com/resources/120406.html",
"refsource": "MISC",
"url": "http://www.vigilon.com/resources/120406.html"
}
]
}

128
2006/6xxx/CVE-2006-6652.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6652",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6652",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion."
"lang": "eng",
"value": "Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061201 NetBSD FTPD and ports ***REMOTE ROOOOOT HOLE***",
"refsource" : "FULLDISC",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051009.html"
"name": "24966",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24966"
},
{
"name" : "http://docs.info.apple.com/article.html?artnum=305391",
"refsource" : "CONFIRM",
"url" : "http://docs.info.apple.com/article.html?artnum=305391"
"name": "NetBSD-SA2006-027",
"refsource": "NETBSD",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-027.txt.asc"
},
{
"name" : "APPLE-SA-2007-04-19",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
"name": "1017386",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017386"
},
{
"name" : "NetBSD-SA2006-027",
"refsource" : "NETBSD",
"url" : "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-027.txt.asc"
"name": "http://docs.info.apple.com/article.html?artnum=305391",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305391"
},
{
"name" : "TA07-109A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
"name": "netbsd-ftpd-glob-bo(30670)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30670"
},
{
"name" : "21377",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21377"
"name": "31781",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/31781"
},
{
"name" : "ADV-2007-1470",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1470"
"name": "TA07-109A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
},
{
"name" : "31781",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/31781"
"name": "23178",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23178"
},
{
"name" : "1017386",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017386"
"name": "20061201 NetBSD FTPD and ports ***REMOTE ROOOOOT HOLE***",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051009.html"
},
{
"name" : "24966",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24966"
"name": "APPLE-SA-2007-04-19",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"name" : "23178",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23178"
"name": "21377",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21377"
},
{
"name" : "netbsd-ftpd-glob-bo(30670)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30670"
"name": "ADV-2007-1470",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1470"
}
]
}

356
2006/7xxx/CVE-2006-7228.json
View File

@ -1,306 +1,306 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-7228",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2006-7228",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 might allow context-dependent attackers to execute arbitrary code via a regular expression that involves large (1) min, (2) max, or (3) duplength values that cause an incorrect length calculation and trigger a buffer overflow, a different vulnerability than CVE-2006-7227. NOTE: this issue was originally subsumed by CVE-2006-7224, but that CVE has been REJECTED and split."
"lang": "eng",
"value": "Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 might allow context-dependent attackers to execute arbitrary code via a regular expression that involves large (1) min, (2) max, or (3) duplength values that cause an incorrect length calculation and trigger a buffer overflow, a different vulnerability than CVE-2006-7227. NOTE: this issue was originally subsumed by CVE-2006-7224, but that CVE has been REJECTED and split."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/488457/100/0/threaded"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=383371",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=383371"
},
{
"name" : "20080416 VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/490917/100/0/threaded"
"name": "30219",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30219"
},
{
"name" : "[Security-announce] 20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates",
"refsource" : "MLIST",
"url" : "http://lists.vmware.com/pipermail/security-announce/2008/000005.html"
"name": "27776",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27776"
},
{
"name" : "[Security-announce] 20080415 VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus",
"refsource" : "MLIST",
"url" : "http://lists.vmware.com/pipermail/security-announce/2008/000014.html"
"name": "GLSA-200711-30",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200711-30.xml"
},
{
"name" : "http://scary.beasts.org/security/CESA-2007-006.html",
"refsource" : "MISC",
"url" : "http://scary.beasts.org/security/CESA-2007-006.html"
"name": "[Security-announce] 20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000005.html"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=383371",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=383371"
"name": "28050",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28050"
},
{
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=198976",
"refsource" : "MISC",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=198976"
"name": "MDVSA-2008:030",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:030"
},
{
"name" : "http://www.pcre.org/changelog.txt",
"refsource" : "CONFIRM",
"url" : "http://www.pcre.org/changelog.txt"
"name": "RHSA-2008:0546",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0546.html"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm"
"name": "DSA-1570",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1570"
},
{
"name" : "DSA-1570",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1570"
"name": "SUSE-SA:2008:004",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html"
},
{
"name" : "GLSA-200711-30",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200711-30.xml"
"name": "28658",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28658"
},
{
"name" : "GLSA-200801-02",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200801-02.xml"
"name": "27773",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27773"
},
{
"name" : "GLSA-200801-18",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200801-18.xml"
"name": "28406",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28406"
},
{
"name" : "GLSA-200801-19",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200801-19.xml"
"name": "20080416 VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490917/100/0/threaded"
},
{
"name" : "GLSA-200802-10",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200802-10.xml"
"name": "29032",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29032"
},
{
"name" : "GLSA-200805-11",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200805-11.xml"
"name": "RHSA-2007:1065",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1065.html"
},
{
"name" : "MDVSA-2008:012",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:012"
"name": "31124",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31124"
},
{
"name" : "MDVSA-2008:030",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:030"
"name": "29085",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29085"
},
{
"name" : "RHSA-2007:1063",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-1063.html"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm"
},
{
"name" : "RHSA-2007:1065",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-1065.html"
"name": "RHSA-2007:1077",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1077.html"
},
{
"name" : "RHSA-2007:1059",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-1059.html"
"name": "20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/488457/100/0/threaded"
},
{
"name" : "RHSA-2007:1068",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-1068.html"
"name": "26462",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26462"
},
{
"name" : "RHSA-2007:1076",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-1076.html"
"name": "29785",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29785"
},
{
"name" : "RHSA-2007:1077",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-1077.html"
"name": "RHSA-2007:1076",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1076.html"
},
{
"name" : "RHSA-2008:0546",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0546.html"
"name": "RHSA-2007:1068",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1068.html"
},
{
"name" : "SUSE-SA:2007:062",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_62_pcre.html"
"name": "ADV-2008-0637",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0637"
},
{
"name" : "SUSE-SA:2008:004",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html"
"name": "GLSA-200805-11",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200805-11.xml"
},
{
"name" : "26462",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26462"
"name": "RHSA-2007:1059",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1059.html"
},
{
"name" : "oval:org.mitre.oval:def:10810",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10810"
"name": "ADV-2008-1234",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1234/references"
},
{
"name" : "ADV-2008-0637",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0637"
"name": "28041",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28041"
},
{
"name" : "ADV-2008-1234",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/1234/references"
"name": "GLSA-200802-10",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200802-10.xml"
},
{
"name" : "27582",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27582"
"name": "28027",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28027"
},
{
"name" : "27741",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27741"
"name": "27741",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27741"
},
{
"name" : "27773",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27773"
"name": "oval:org.mitre.oval:def:10810",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10810"
},
{
"name" : "27776",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27776"
"name": "MDVSA-2008:012",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:012"
},
{
"name" : "28027",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28027"
"name": "SUSE-SA:2007:062",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_62_pcre.html"
},
{
"name" : "28050",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28050"
"name": "http://www.pcre.org/changelog.txt",
"refsource": "CONFIRM",
"url": "http://www.pcre.org/changelog.txt"
},
{
"name" : "28041",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28041"
"name": "30155",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30155"
},
{
"name" : "28406",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28406"
"name": "RHSA-2007:1063",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1063.html"
},
{
"name" : "28414",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28414"
"name": "28720",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28720"
},
{
"name" : "28658",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28658"
"name": "GLSA-200801-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200801-02.xml"
},
{
"name" : "28714",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28714"
"name": "27582",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27582"
},
{
"name" : "28720",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28720"
"name": "[Security-announce] 20080415 VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000014.html"
},
{
"name" : "29032",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29032"
"name": "http://bugs.gentoo.org/show_bug.cgi?id=198976",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=198976"
},
{
"name" : "29085",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29085"
"name": "http://scary.beasts.org/security/CESA-2007-006.html",
"refsource": "MISC",
"url": "http://scary.beasts.org/security/CESA-2007-006.html"
},
{
"name" : "29785",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29785"
"name": "GLSA-200801-19",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200801-19.xml"
},
{
"name" : "30155",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30155"
"name": "GLSA-200801-18",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200801-18.xml"
},
{
"name" : "30219",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30219"
"name": "28414",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28414"
},
{
"name" : "31124",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/31124"
"name": "30106",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30106"
},
{
"name" : "30106",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30106"
"name": "28714",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28714"
}
]
}

80
2011/0xxx/CVE-2011-0618.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0618",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2011-0618",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors."
"lang": "eng",
"value": "Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb11-12.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb11-12.html"
"name": "oval:org.mitre.oval:def:14106",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14106"
},
{
"name" : "SUSE-SA:2011:025",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00006.html"
"name": "oval:org.mitre.oval:def:16041",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16041"
},
{
"name" : "oval:org.mitre.oval:def:14106",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14106"
"name": "http://www.adobe.com/support/security/bulletins/apsb11-12.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-12.html"
},
{
"name" : "oval:org.mitre.oval:def:16041",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16041"
"name": "SUSE-SA:2011:025",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00006.html"
}
]
}

86
2011/0xxx/CVE-2011-0901.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0901",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0901",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple stack-based buffer overflows in the tsc_launch_remote function (src/support.c) in Terminal Server Client (tsclient) 0.150, and possibly other versions, allow user-assisted remote attackers to execute arbitrary code via a .RDP file with a long (1) username, (2) password, or (3) domain argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
"lang": "eng",
"value": "Multiple stack-based buffer overflows in the tsc_launch_remote function (src/support.c) in Terminal Server Client (tsclient) 0.150, and possibly other versions, allow user-assisted remote attackers to execute arbitrary code via a .RDP file with a long (1) username, (2) password, or (3) domain argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "70749",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/70749"
"name": "terminal-server-username-bo(65101)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65101"
},
{
"name" : "43120",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43120"
"name": "43120",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43120"
},
{
"name" : "terminal-server-domain-bo(65103)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65103"
"name": "70749",
"refsource": "OSVDB",
"url": "http://osvdb.org/70749"
},
{
"name" : "terminal-server-password-bo(65102)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65102"
"name": "terminal-server-domain-bo(65103)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65103"
},
{
"name" : "terminal-server-username-bo(65101)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65101"
"name": "terminal-server-password-bo(65102)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65102"
}
]
}

68
2011/2xxx/CVE-2011-2244.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-2244",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2011-2244",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Security Framework component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Enterprise Manager Grid Control 10.1.0.6, 10.2.0.5, and 11.1.0.1; allows remote attackers to affect confidentiality and integrity via unknown vectors related to Authentication."
"lang": "eng",
"value": "Unspecified vulnerability in the Security Framework component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Enterprise Manager Grid Control 10.1.0.6, 10.2.0.5, and 11.1.0.1; allows remote attackers to affect confidentiality and integrity via unknown vectors related to Authentication."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html"
"name": "TA11-201A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA11-201A.html"
},
{
"name" : "TA11-201A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA11-201A.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html"
}
]
}

62
2011/2xxx/CVE-2011-2316.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-2316",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2011-2316",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Siebel Apps - Marketing component in Oracle Siebel CRM 8.0.0 allows remote attackers to affect integrity via unknown vectors related to Email Marketing."
"lang": "eng",
"value": "Unspecified vulnerability in the Siebel Apps - Marketing component in Oracle Siebel CRM 8.0.0 allows remote attackers to affect integrity via unknown vectors related to Email Marketing."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html"
}
]
}

86
2011/2xxx/CVE-2011-2760.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-2760",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-2760",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Brocade BigIron RX switches allow remote attackers to bypass ACL rules by using 179 as the source port of a packet."
"lang": "eng",
"value": "Brocade BigIron RX switches allow remote attackers to bypass ACL rules by using 179 as the source port of a packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "VU#853246",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/853246"
"name": "bigiron-acl-security-bypass(68535)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68535"
},
{
"name" : "48663",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/48663"
"name": "73869",
"refsource": "OSVDB",
"url": "http://osvdb.org/73869"
},
{
"name" : "73869",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/73869"
"name": "45217",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45217"
},
{
"name" : "45217",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/45217"
"name": "48663",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48663"
},
{
"name" : "bigiron-acl-security-bypass(68535)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/68535"
"name": "VU#853246",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/853246"
}
]
}

92
2011/3xxx/CVE-2011-3148.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3148",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3148",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env.c in Linux-PAM (aka pam) before 1.1.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long string of white spaces at the beginning of the ~/.pam_environment file."
"lang": "eng",
"value": "Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env.c in Linux-PAM (aka pam) before 1.1.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long string of white spaces at the beginning of the ~/.pam_environment file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://git.fedorahosted.org/git/?p=linux-pam.git;a=commitdiff;h=caf5e7f61c8d9288daa49b4f61962e6b1239121d",
"refsource" : "CONFIRM",
"url" : "http://git.fedorahosted.org/git/?p=linux-pam.git;a=commitdiff;h=caf5e7f61c8d9288daa49b4f61962e6b1239121d"
"name": "https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874469",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874469"
},
{
"name" : "https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874469",
"refsource" : "CONFIRM",
"url" : "https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874469"
"name": "GLSA-201206-31",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201206-31.xml"
},
{
"name" : "GLSA-201206-31",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201206-31.xml"
"name": "USN-1237-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1237-1"
},
{
"name" : "USN-1237-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1237-1"
"name": "46583",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46583"
},
{
"name" : "46583",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/46583"
"name": "49711",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49711"
},
{
"name" : "49711",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/49711"
"name": "http://git.fedorahosted.org/git/?p=linux-pam.git;a=commitdiff;h=caf5e7f61c8d9288daa49b4f61962e6b1239121d",
"refsource": "CONFIRM",
"url": "http://git.fedorahosted.org/git/?p=linux-pam.git;a=commitdiff;h=caf5e7f61c8d9288daa49b4f61962e6b1239121d"
}
]
}

146
2011/3xxx/CVE-2011-3323.json
View File

@ -1,131 +1,131 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3323",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2011-3323",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (out-of-bounds memory access and daemon crash) via a Link State Update message with an invalid IPv6 prefix length."
"lang": "eng",
"value": "The OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (out-of-bounds memory access and daemon crash) via a Link State Update message with an invalid IPv6 prefix length."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.cert.fi/en/reports/2011/vulnerability539178.html",
"refsource" : "MISC",
"url" : "https://www.cert.fi/en/reports/2011/vulnerability539178.html"
"name": "http://code.quagga.net/?p=quagga.git;a=commit;h=abc7ef44ca05493500865ce81f7b84f5c4eb6594",
"refsource": "CONFIRM",
"url": "http://code.quagga.net/?p=quagga.git;a=commit;h=abc7ef44ca05493500865ce81f7b84f5c4eb6594"
},
{
"name" : "http://code.quagga.net/?p=quagga.git;a=commit;h=abc7ef44ca05493500865ce81f7b84f5c4eb6594",
"refsource" : "CONFIRM",
"url" : "http://code.quagga.net/?p=quagga.git;a=commit;h=abc7ef44ca05493500865ce81f7b84f5c4eb6594"
"name": "http://www.quagga.net/download/quagga-0.99.19.changelog.txt",
"refsource": "CONFIRM",
"url": "http://www.quagga.net/download/quagga-0.99.19.changelog.txt"
},
{
"name" : "http://www.quagga.net/download/quagga-0.99.19.changelog.txt",
"refsource" : "CONFIRM",
"url" : "http://www.quagga.net/download/quagga-0.99.19.changelog.txt"
"name": "VU#668534",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/668534"
},
{
"name" : "DSA-2316",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2011/dsa-2316"
"name": "DSA-2316",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2316"
},
{
"name" : "GLSA-201202-02",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201202-02.xml"
"name": "RHSA-2012:1259",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1259.html"
},
{
"name" : "RHSA-2012:1258",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1258.html"
"name": "https://www.cert.fi/en/reports/2011/vulnerability539178.html",
"refsource": "MISC",
"url": "https://www.cert.fi/en/reports/2011/vulnerability539178.html"
},
{
"name" : "RHSA-2012:1259",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1259.html"
"name": "46139",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46139"
},
{
"name" : "SUSE-SU-2011:1075",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00027.html"
"name": "SUSE-SU-2011:1075",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00027.html"
},
{
"name" : "openSUSE-SU-2011:1155",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00007.html"
"name": "openSUSE-SU-2011:1155",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00007.html"
},
{
"name" : "SUSE-SU-2011:1171",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00010.html"
"name": "GLSA-201202-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201202-02.xml"
},
{
"name" : "SUSE-SU-2011:1316",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html"
"name": "RHSA-2012:1258",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1258.html"
},
{
"name" : "VU#668534",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/668534"
"name": "SUSE-SU-2011:1316",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html"
},
{
"name" : "46139",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/46139"
"name": "46274",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46274"
},
{
"name" : "46274",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/46274"
"name": "48106",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48106"
},
{
"name" : "48106",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48106"
"name": "SUSE-SU-2011:1171",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00010.html"
}
]
}

140
2011/3xxx/CVE-2011-3597.json
View File

@ -1,126 +1,126 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3597",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3597",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor."
"lang": "eng",
"value": "Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://aix.software.ibm.com/aix/efixes/security/perl_advisory2.asc",
"refsource" : "CONFIRM",
"url" : "http://aix.software.ibm.com/aix/efixes/security/perl_advisory2.asc"
"name": "RHSA-2011:1797",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1797.html"
},
{
"name" : "http://cpansearch.perl.org/src/GAAS/Digest-1.17/Changes",
"refsource" : "CONFIRM",
"url" : "http://cpansearch.perl.org/src/GAAS/Digest-1.17/Changes"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=743010",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=743010"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=743010",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=743010"
"name": "MDVSA-2012:009",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:009"
},
{
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735",
"refsource" : "CONFIRM",
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735"
"name": "http://aix.software.ibm.com/aix/efixes/security/perl_advisory2.asc",
"refsource": "CONFIRM",
"url": "http://aix.software.ibm.com/aix/efixes/security/perl_advisory2.asc"
},
{
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705",
"refsource" : "CONFIRM",
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"
"name": "USN-1643-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1643-1"
},
{
"name" : "MDVSA-2012:008",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:008"
"name": "oval:org.mitre.oval:def:19446",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19446"
},
{
"name" : "MDVSA-2012:009",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:009"
"name": "MDVSA-2012:008",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:008"
},
{
"name" : "RHSA-2011:1424",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-1424.html"
"name": "RHSA-2011:1424",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1424.html"
},
{
"name" : "RHSA-2011:1797",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-1797.html"
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"
},
{
"name" : "USN-1643-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1643-1"
"name": "46279",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46279"
},
{
"name" : "49911",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/49911"
"name": "51457",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51457"
},
{
"name" : "oval:org.mitre.oval:def:19446",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19446"
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735"
},
{
"name" : "46279",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/46279"
"name": "http://cpansearch.perl.org/src/GAAS/Digest-1.17/Changes",
"refsource": "CONFIRM",
"url": "http://cpansearch.perl.org/src/GAAS/Digest-1.17/Changes"
},
{
"name" : "51457",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/51457"
"name": "49911",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/49911"
}
]
}

176
2011/3xxx/CVE-2011-3658.json
View File

@ -1,156 +1,156 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3658",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3658",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements."
"lang": "eng",
"value": "The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.mozilla.org/security/announce/2011/mfsa2011-55.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2011/mfsa2011-55.html"
"name": "openSUSE-SU-2012:0417",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=708186",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=708186"
"name": "http://www.mozilla.org/security/announce/2011/mfsa2011-55.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2011/mfsa2011-55.html"
},
{
"name" : "MDVSA-2011:192",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:192"
"name": "MDVSA-2012:031",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:031"
},
{
"name" : "MDVSA-2012:031",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:031"
"name": "MDVSA-2011:192",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:192"
},
{
"name" : "openSUSE-SU-2012:0007",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00001.html"
"name": "48823",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48823"
},
{
"name" : "openSUSE-SU-2012:0039",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00009.html"
"name": "USN-1401-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1401-1"
},
{
"name" : "openSUSE-SU-2012:0417",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html"
"name": "47334",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47334"
},
{
"name" : "USN-1401-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1401-1"
"name": "1026447",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026447"
},
{
"name" : "77953",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/77953"
"name": "1026446",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026446"
},
{
"name" : "oval:org.mitre.oval:def:14664",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14664"
"name": "49055",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49055"
},
{
"name" : "1026445",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1026445"
"name": "firefox-domattrmodified-code-exec(71910)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71910"
},
{
"name" : "1026446",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1026446"
"name": "1026445",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026445"
},
{
"name" : "1026447",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1026447"
"name": "77953",
"refsource": "OSVDB",
"url": "http://osvdb.org/77953"
},
{
"name" : "47302",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/47302"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=708186",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=708186"
},
{
"name" : "47334",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/47334"
"name": "48495",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48495"
},
{
"name" : "48495",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48495"
"name": "48553",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48553"
},
{
"name" : "48553",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48553"
"name": "47302",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47302"
},
{
"name" : "49055",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/49055"
"name": "openSUSE-SU-2012:0039",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00009.html"
},
{
"name" : "48823",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48823"
"name": "oval:org.mitre.oval:def:14664",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14664"
},
{
"name" : "firefox-domattrmodified-code-exec(71910)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71910"
"name": "openSUSE-SU-2012:0007",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00001.html"
}
]
}

86
2011/3xxx/CVE-2011-3945.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3945",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2011-3945",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The decode_frame function in the KVG1 decoder (kgv1dec.c) in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted media file."
"lang": "eng",
"value": "The decode_frame function in the KVG1 decoder (kgv1dec.c) in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted media file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://ffmpeg.org/",
"refsource" : "CONFIRM",
"url" : "http://ffmpeg.org/"
"name": "MDVSA-2012:076",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:076"
},
{
"name" : "http://git.libav.org/?p=libav.git;a=commit;h=a02e8df973f5478ec82f4c507f5b5b191a5ecb6b",
"refsource" : "CONFIRM",
"url" : "http://git.libav.org/?p=libav.git;a=commit;h=a02e8df973f5478ec82f4c507f5b5b191a5ecb6b"
"name": "http://git.libav.org/?p=libav.git;a=commit;h=a02e8df973f5478ec82f4c507f5b5b191a5ecb6b",
"refsource": "CONFIRM",
"url": "http://git.libav.org/?p=libav.git;a=commit;h=a02e8df973f5478ec82f4c507f5b5b191a5ecb6b"
},
{
"name" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=807a045ab7f51993a2c1b3116016cbbd4f3d20d6",
"refsource" : "CONFIRM",
"url" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=807a045ab7f51993a2c1b3116016cbbd4f3d20d6"
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=807a045ab7f51993a2c1b3116016cbbd4f3d20d6",
"refsource": "CONFIRM",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=807a045ab7f51993a2c1b3116016cbbd4f3d20d6"
},
{
"name" : "http://libav.org/",
"refsource" : "CONFIRM",
"url" : "http://libav.org/"
"name": "http://ffmpeg.org/",
"refsource": "CONFIRM",
"url": "http://ffmpeg.org/"
},
{
"name" : "MDVSA-2012:076",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:076"
"name": "http://libav.org/",
"refsource": "CONFIRM",
"url": "http://libav.org/"
}
]
}

74
2011/3xxx/CVE-2011-3957.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3957",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2011-3957",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in the garbage-collection functionality in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving PDF documents."
"lang": "eng",
"value": "Use-after-free vulnerability in the garbage-collection functionality in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving PDF documents."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://code.google.com/p/chromium/issues/detail?id=104056",
"refsource" : "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=104056"
"name": "http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html"
},
{
"name" : "http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html"
"name": "oval:org.mitre.oval:def:14675",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14675"
},
{
"name" : "oval:org.mitre.oval:def:14675",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14675"
"name": "http://code.google.com/p/chromium/issues/detail?id=104056",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=104056"
}
]
}

22
2011/4xxx/CVE-2011-4011.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4011",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4011",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

80
2011/4xxx/CVE-2011-4038.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4038",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2011-4038",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Report before 4.0 and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Report before 4.0 and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-024-01.pdf",
"refsource" : "MISC",
"url" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-024-01.pdf"
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-024-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-024-01.pdf"
},
{
"name" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-039-01.pdf",
"refsource" : "MISC",
"url" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-039-01.pdf"
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-039-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-039-01.pdf"
},
{
"name" : "47742",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/47742"
"name": "47742",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47742"
},
{
"name" : "47933",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/47933"
"name": "47933",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47933"
}
]
}

62
2011/4xxx/CVE-2011-4194.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4194",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4194",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in Novell iPrint Server in Novell Open Enterprise Server 2 (OES2) through SP3 on Linux allows remote attackers to execute arbitrary code via a crafted attributes-natural-language field."
"lang": "eng",
"value": "Buffer overflow in Novell iPrint Server in Novell Open Enterprise Server 2 (OES2) through SP3 on Linux allows remote attackers to execute arbitrary code via a crafted attributes-natural-language field."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.novell.com/support/viewContent.do?externalId=7010084",
"refsource" : "CONFIRM",
"url" : "http://www.novell.com/support/viewContent.do?externalId=7010084"
"name": "http://www.novell.com/support/viewContent.do?externalId=7010084",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=7010084"
}
]
}

68
2011/4xxx/CVE-2011-4515.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4515",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2011-4515",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Siemens WinCC (TIA Portal) 11 uses a reversible algorithm for storing HMI web-application passwords in world-readable and world-writable files, which allows local users to obtain sensitive information by leveraging (1) physical access or (2) Sm@rt Server access."
"lang": "eng",
"value": "Siemens WinCC (TIA Portal) 11 uses a reversible algorithm for storing HMI web-application passwords in world-readable and world-writable files, which allows local users to obtain sensitive information by leveraging (1) physical access or (2) Sm@rt Server access."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://ics-cert.us-cert.gov/pdf/ICSA-13-079-03.pdf",
"refsource" : "MISC",
"url" : "http://ics-cert.us-cert.gov/pdf/ICSA-13-079-03.pdf"
"name": "http://ics-cert.us-cert.gov/pdf/ICSA-13-079-03.pdf",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-079-03.pdf"
},
{
"name" : "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf",
"refsource" : "CONFIRM",
"url" : "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf"
"name": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf",
"refsource": "CONFIRM",
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf"
}
]
}

68
2011/4xxx/CVE-2011-4851.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4851",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4851",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 generates a password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass authentication by leveraging an unattended workstation, as demonstrated by forms in server/google-tools/ and certain other files."
"lang": "eng",
"value": "The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 generates a password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass authentication by leveraging an unattended workstation, as demonstrated by forms in server/google-tools/ and certain other files."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://xss.cx/kb/parallels/xss-parallelspleskpanel.v10.4.4_build20111103.18-os_windows-2003-2008-reflected-cross-site-scripting-cwe79-capec86-javascript-injection-example-poc-report.html",
"refsource" : "MISC",
"url" : "http://xss.cx/kb/parallels/xss-parallelspleskpanel.v10.4.4_build20111103.18-os_windows-2003-2008-reflected-cross-site-scripting-cwe79-capec86-javascript-injection-example-poc-report.html"
"name": "ppp-cp-autocomplete-sec-bypass(72226)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72226"
},
{
"name" : "ppp-cp-autocomplete-sec-bypass(72226)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72226"
"name": "http://xss.cx/kb/parallels/xss-parallelspleskpanel.v10.4.4_build20111103.18-os_windows-2003-2008-reflected-cross-site-scripting-cwe79-capec86-javascript-injection-example-poc-report.html",
"refsource": "MISC",
"url": "http://xss.cx/kb/parallels/xss-parallelspleskpanel.v10.4.4_build20111103.18-os_windows-2003-2008-reflected-cross-site-scripting-cwe79-capec86-javascript-injection-example-poc-report.html"
}
]
}

86
2011/4xxx/CVE-2011-4925.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4925",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4925",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) before 2.5.9, when munge authentication is used, allows remote authenticated users to impersonate arbitrary user accounts via unspecified vectors."
"lang": "eng",
"value": "Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) before 2.5.9, when munge authentication is used, allows remote authenticated users to impersonate arbitrary user accounts via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20120105 CVE request: TORQUE Munge Authentication Security Bypass",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2012/01/05/1"
"name": "[oss-security] 20120105 CVE request: TORQUE Munge Authentication Security Bypass",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2012/01/05/1"
},
{
"name" : "[oss-security] 20120105 Re: CVE request: TORQUE Munge Authentication Security Bypass",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2012/01/05/9"
"name": "47381",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47381"
},
{
"name" : "http://www.adaptivecomputing.com/resources/docs/torque/3-0-3/changelog.php#259",
"refsource" : "CONFIRM",
"url" : "http://www.adaptivecomputing.com/resources/docs/torque/3-0-3/changelog.php#259"
"name": "[oss-security] 20120105 Re: CVE request: TORQUE Munge Authentication Security Bypass",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2012/01/05/9"
},
{
"name" : "51224",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/51224"
"name": "http://www.adaptivecomputing.com/resources/docs/torque/3-0-3/changelog.php#259",
"refsource": "CONFIRM",
"url": "http://www.adaptivecomputing.com/resources/docs/torque/3-0-3/changelog.php#259"
},
{
"name" : "47381",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/47381"
"name": "51224",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51224"
}
]
}

92
2013/1xxx/CVE-2013-1379.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-1379",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2013-1379",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 do not properly initialize pointer arrays, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors."
"lang": "eng",
"value": "Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 do not properly initialize pointer arrays, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb13-11.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb13-11.html"
"name": "SUSE-SU-2013:0670",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00016.html"
},
{
"name" : "HPSBMU02948",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=139455789818399&w=2"
"name": "http://www.adobe.com/support/security/bulletins/apsb13-11.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb13-11.html"
},
{
"name" : "RHSA-2013:0730",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0730.html"
"name": "HPSBMU02948",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=139455789818399&w=2"
},
{
"name" : "SUSE-SU-2013:0670",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00016.html"
"name": "RHSA-2013:0730",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0730.html"
},
{
"name" : "openSUSE-SU-2013:0672",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2013-04/msg00081.html"
"name": "openSUSE-SU-2013:0672",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-04/msg00081.html"
},
{
"name" : "openSUSE-SU-2013:0675",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00019.html"
"name": "openSUSE-SU-2013:0675",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00019.html"
}
]
}

62
2013/1xxx/CVE-2013-1650.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-1650",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1650",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 uses weak permissions (group \"other\" readable) under opt/open-xchange/etc/, which allows local users to obtain sensitive information via standard filesystem operations."
"lang": "eng",
"value": "Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 uses weak permissions (group \"other\" readable) under opt/open-xchange/etc/, which allows local users to obtain sensitive information via standard filesystem operations."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20130313 Open-Xchange Security Advisory 2013-03-13",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2013-03/0075.html"
"name": "20130313 Open-Xchange Security Advisory 2013-03-13",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-03/0075.html"
}
]
}

80
2013/5xxx/CVE-2013-5142.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-5142",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2013-5142",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The kernel in Apple iOS before 7 does not initialize unspecified kernel data structures, which allows local users to obtain sensitive information from kernel stack memory via the (1) msgctl API or (2) segctl API."
"lang": "eng",
"value": "The kernel in Apple iOS before 7 does not initialize unspecified kernel data structures, which allows local users to obtain sensitive information from kernel stack memory via the (1) msgctl API or (2) segctl API."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.apple.com/kb/HT5934",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT5934"
"name": "1029054",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029054"
},
{
"name" : "APPLE-SA-2013-09-18-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html"
"name": "APPLE-SA-2013-10-22-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html"
},
{
"name" : "APPLE-SA-2013-10-22-3",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html"
"name": "http://support.apple.com/kb/HT5934",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5934"
},
{
"name" : "1029054",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1029054"
"name": "APPLE-SA-2013-09-18-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html"
}
]
}

68
2013/5xxx/CVE-2013-5716.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-5716",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5716",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Gretech GOM Media Player 2.2.53.5169 and possibly earlier allows remote attackers to cause a denial of service (application crash) via a crafted WAV file."
"lang": "eng",
"value": "Gretech GOM Media Player 2.2.53.5169 and possibly earlier allows remote attackers to cause a denial of service (application crash) via a crafted WAV file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "28080",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/28080"
"name": "62173",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/62173"
},
{
"name" : "62173",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/62173"
"name": "28080",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/28080"
}
]
}

86
2014/2xxx/CVE-2014-2079.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2079",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2079",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "X File Explorer (aka xfe) might allow local users to bypass intended access restrictions and gain access to arbitrary files by leveraging failure to use directory masks when creating files on Samba and NFS shares."
"lang": "eng",
"value": "X File Explorer (aka xfe) might allow local users to bypass intended access restrictions and gain access to arbitrary files by leveraging failure to use directory masks when creating files on Samba and NFS shares."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20140224 Re: xfe: directory masks ignored when creating new files on Samba and NFS",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/02/24/5"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1069066",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1069066"
},
{
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739536",
"refsource" : "CONFIRM",
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739536"
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739536",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739536"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1069066",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1069066"
"name": "xfile-explorer-cve20142079-sec-bypass(91519)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91519"
},
{
"name" : "65748",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/65748"
"name": "[oss-security] 20140224 Re: xfe: directory masks ignored when creating new files on Samba and NFS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/02/24/5"
},
{
"name" : "xfile-explorer-cve20142079-sec-bypass(91519)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91519"
"name": "65748",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65748"
}
]
}

68
2014/2xxx/CVE-2014-2092.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2092",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2092",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in lib/filemanager/ImageManager/editorFrame.php in CMS Made Simple 1.11.10 allows remote attackers to inject arbitrary web script or HTML via the action parameter, a different issue than CVE-2014-0334. NOTE: the original disclosure also reported issues that may not cross privilege boundaries."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in lib/filemanager/ImageManager/editorFrame.php in CMS Made Simple 1.11.10 allows remote attackers to inject arbitrary web script or HTML via the action parameter, a different issue than CVE-2014-0334. NOTE: the original disclosure also reported issues that may not cross privilege boundaries."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://packetstormsecurity.com/files/125353/CMSMadeSimple-1.11.10-Cross-Site-Scripting.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/125353/CMSMadeSimple-1.11.10-Cross-Site-Scripting.html"
"name": "http://packetstormsecurity.com/files/125353/CMSMadeSimple-1.11.10-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/125353/CMSMadeSimple-1.11.10-Cross-Site-Scripting.html"
},
{
"name" : "65746",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/65746"
"name": "65746",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65746"
}
]
}

22
2014/2xxx/CVE-2014-2304.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2304",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2304",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2014/2xxx/CVE-2014-2465.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2465",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-2465",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.3 allows remote attackers to affect integrity via unknown vectors related to Security."
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.3 allows remote attackers to affect integrity via unknown vectors related to Security."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
}
]
}

22
2014/2xxx/CVE-2014-2651.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2651",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2651",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

80
2014/6xxx/CVE-2014-6025.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6025",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6025",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Chartboost library before 2.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Chartboost library before 2.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.fireeye.com/blog/technical/2014/08/ssl-vulnerabilities-who-listens-when-android-applications-talk.html",
"refsource" : "MISC",
"url" : "http://www.fireeye.com/blog/technical/2014/08/ssl-vulnerabilities-who-listens-when-android-applications-talk.html"
"name": "http://www.fireeye.com/blog/technical/2014/08/ssl-vulnerabilities-who-listens-when-android-applications-talk.html",
"refsource": "MISC",
"url": "http://www.fireeye.com/blog/technical/2014/08/ssl-vulnerabilities-who-listens-when-android-applications-talk.html"
},
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#775305",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/775305"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#775305",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/775305"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/6xxx/CVE-2014-6106.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6106",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-6106",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in IBM Security Identity Manager 5.1, 6.0, and 7.0 allows remote attackers to hijack the authentication of users for requests that can cause cross-site scripting attacks, web cache poisoning, or other unspecified impacts via unknown vectors."
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in IBM Security Identity Manager 5.1, 6.0, and 7.0 allows remote attackers to hijack the authentication of users for requests that can cause cross-site scripting attacks, web cache poisoning, or other unspecified impacts via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www-01.ibm.com/support/docview.wss?uid=swg21698020",
"refsource" : "CONFIRM",
"url" : "https://www-01.ibm.com/support/docview.wss?uid=swg21698020"
"name": "73167",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73167"
},
{
"name" : "73167",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/73167"
"name": "https://www-01.ibm.com/support/docview.wss?uid=swg21698020",
"refsource": "CONFIRM",
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21698020"
},
{
"name" : "ibm-sim-cve20146106-csrf(96145)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/96145"
"name": "ibm-sim-cve20146106-csrf(96145)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96145"
}
]
}

22
2014/6xxx/CVE-2014-6263.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6263",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6263",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

80
2014/6xxx/CVE-2014-6379.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6379",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6379",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Juniper Junos 11.4 before R12, 12.1 before R10, 12.1X44 before D35, 12.1X45 before D25, 12.1X46 before D20, 12.1X47 before D10, 12.2 before R8, 12.2X50 before D70, 12.3 before R6, 13.1 before R4-S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R4, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R2, and 14.1 before R1, when a RADIUS accounting server is configured as [system accounting destination radius], creates an entry in /var/etc/pam_radius.conf, which might allow remote attackers to bypass authentication via unspecified vectors."
"lang": "eng",
"value": "Juniper Junos 11.4 before R12, 12.1 before R10, 12.1X44 before D35, 12.1X45 before D25, 12.1X46 before D20, 12.1X47 before D10, 12.2 before R8, 12.2X50 before D70, 12.3 before R6, 13.1 before R4-S3, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R4, 13.2X50 before D20, 13.2X51 before D26 and D30, 13.2X52 before D15, 13.3 before R2, and 14.1 before R1, when a RADIUS accounting server is configured as [system accounting destination radius], creates an entry in /var/etc/pam_radius.conf, which might allow remote attackers to bypass authentication via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10654",
"refsource" : "CONFIRM",
"url" : "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10654"
"name": "juniper-junos-cve20146379-sec-bypass(96905)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96905"
},
{
"name" : "70365",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/70365"
"name": "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10654",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10654"
},
{
"name" : "1031010",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031010"
"name": "70365",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70365"
},
{
"name" : "juniper-junos-cve20146379-sec-bypass(96905)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/96905"
"name": "1031010",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031010"
}
]
}

22
2014/6xxx/CVE-2014-6403.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6403",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6403",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

80
2017/0xxx/CVE-2017-0062.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2017-0062",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2017-0062",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Windows GDI+",
"version" : {
"version_data" : [
"product_name": "Windows GDI+",
"version": {
"version_data": [
{
"version_value" : "The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607"
"version_value": "The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607"
}
]
}
}
]
},
"vendor_name" : "Microsoft Corporation"
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka \"GDI+ Information Disclosure Vulnerability.\" This vulnerability is different from those described in CVE-2017-0060 and CVE-2017-0073."
"lang": "eng",
"value": "The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka \"GDI+ Information Disclosure Vulnerability.\" This vulnerability is different from those described in CVE-2017-0060 and CVE-2017-0073."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Information Disclosure"
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "41658",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/41658/"
"name": "96715",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96715"
},
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0062",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0062"
"name": "1038002",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038002"
},
{
"name" : "96715",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96715"
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0062",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0062"
},
{
"name" : "1038002",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038002"
"name": "41658",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41658/"
}
]
}

80
2017/0xxx/CVE-2017-0091.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2017-0091",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2017-0091",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Windows Uniscribe",
"version" : {
"version_data" : [
"product_name": "Windows Uniscribe",
"version": {
"version_data": [
{
"version_value" : "Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1"
"version_value": "Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1"
}
]
}
}
]
},
"vendor_name" : "Microsoft Corporation"
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka \"Uniscribe Information Disclosure Vulnerability.\" CVE-2017-0085, CVE-2017-0092, CVE-2017-0111, CVE-2017-0112, CVE-2017-0113, CVE-2017-0114, CVE-2017-0115, CVE-2017-0116, CVE-2017-0117, CVE-2017-0118, CVE-2017-0119, CVE-2017-0120, CVE-2017-0121, CVE-2017-0122, CVE-2017-0123, CVE-2017-0124, CVE-2017-0125, CVE-2017-0126, CVE-2017-0127, and CVE-2017-0128."
"lang": "eng",
"value": "Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka \"Uniscribe Information Disclosure Vulnerability.\" CVE-2017-0085, CVE-2017-0092, CVE-2017-0111, CVE-2017-0112, CVE-2017-0113, CVE-2017-0114, CVE-2017-0115, CVE-2017-0116, CVE-2017-0117, CVE-2017-0118, CVE-2017-0119, CVE-2017-0120, CVE-2017-0121, CVE-2017-0122, CVE-2017-0123, CVE-2017-0124, CVE-2017-0125, CVE-2017-0126, CVE-2017-0127, and CVE-2017-0128."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Information Disclosure"
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "41655",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/41655/"
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0091",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0091"
},
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0091",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0091"
"name": "96657",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96657"
},
{
"name" : "96657",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96657"
"name": "1037992",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037992"
},
{
"name" : "1037992",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037992"
"name": "41655",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41655/"
}
]
}

86
2017/0xxx/CVE-2017-0595.json
View File

@ -1,89 +1,89 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2017-0595",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2017-0595",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android",
"version" : {
"version_data" : [
"product_name": "Android",
"version": {
"version_data": [
{
"version_value" : "4.4.4"
"version_value": "4.4.4"
},
{
"version_value" : "5.0.2"
"version_value": "5.0.2"
},
{
"version_value" : "5.1.1"
"version_value": "5.1.1"
},
{
"version_value" : "6.0"
"version_value": "6.0"
},
{
"version_value" : "6.0.1"
"version_value": "6.0.1"
},
{
"version_value" : "7.0"
"version_value": "7.0"
},
{
"version_value" : "7.1.1"
"version_value": "7.1.1"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
"vendor_name": "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34705519."
"lang": "eng",
"value": "An elevation of privilege vulnerability in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34705519."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Elevation of privilege"
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://android.googlesource.com/platform/frameworks/av/+/5443b57cc54f2e46b35246637be26a69e9f493e1",
"refsource" : "CONFIRM",
"url" : "https://android.googlesource.com/platform/frameworks/av/+/5443b57cc54f2e46b35246637be26a69e9f493e1"
"name": "https://android.googlesource.com/platform/frameworks/av/+/5443b57cc54f2e46b35246637be26a69e9f493e1",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/frameworks/av/+/5443b57cc54f2e46b35246637be26a69e9f493e1"
},
{
"name" : "https://source.android.com/security/bulletin/2017-05-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-05-01"
"name": "https://source.android.com/security/bulletin/2017-05-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-05-01"
},
{
"name" : "98129",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/98129"
"name": "98129",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98129"
}
]
}

84
2017/1000xxx/CVE-2017-1000229.json
View File

@ -1,78 +1,78 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2017-08-22T17:29:33.458408",
"ID" : "CVE-2017-1000229",
"REQUESTER" : "jschoi.2022@gmail.com",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2017-08-22T17:29:33.458408",
"ID": "CVE-2017-1000229",
"REQUESTER": "jschoi.2022@gmail.com",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "OptiPng",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "0.7.6 (latest)"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : ""
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 allows an attacker to remotely execute code or cause denial of service."
"lang": "eng",
"value": "Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 allows an attacker to remotely execute code or cause denial of service."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Integer Overflow"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[debian-lts-announce] 20171121 [SECURITY] [DLA 1184-1] optipng security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2017/11/msg00030.html"
"name": "[debian-lts-announce] 20171121 [SECURITY] [DLA 1184-1] optipng security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00030.html"
},
{
"name" : "https://sourceforge.net/p/optipng/bugs/65/",
"refsource" : "MISC",
"url" : "https://sourceforge.net/p/optipng/bugs/65/"
"name": "DSA-4058",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-4058"
},
{
"name" : "DSA-4058",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2017/dsa-4058"
"name": "GLSA-201801-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201801-02"
},
{
"name" : "GLSA-201801-02",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201801-02"
"name": "https://sourceforge.net/p/optipng/bugs/65/",
"refsource": "MISC",
"url": "https://sourceforge.net/p/optipng/bugs/65/"
}
]
}

74
2017/18xxx/CVE-2017-18011.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-18011",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18011",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The MyCBGenie Affiliate Ads for Clickbank Products plugin through 1.6 for WordPress has XSS via the text_ads_ajax.php border_color parameter."
"lang": "eng",
"value": "The MyCBGenie Affiliate Ads for Clickbank Products plugin through 1.6 for WordPress has XSS via the text_ads_ajax.php border_color parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://packetstormsecurity.com/files/144978/WordPress-Affiliate-Ads-For-Clickbank-Products-1.3-XSS.html",
"refsource" : "MISC",
"url" : "https://packetstormsecurity.com/files/144978/WordPress-Affiliate-Ads-For-Clickbank-Products-1.3-XSS.html"
"name": "https://wordpress.org/support/topic/affiliate-ads-for-clickbank-products-1-3-xss/",
"refsource": "MISC",
"url": "https://wordpress.org/support/topic/affiliate-ads-for-clickbank-products-1-3-xss/"
},
{
"name" : "https://wordpress.org/support/topic/affiliate-ads-for-clickbank-products-1-3-xss/",
"refsource" : "MISC",
"url" : "https://wordpress.org/support/topic/affiliate-ads-for-clickbank-products-1-3-xss/"
"name": "https://packetstormsecurity.com/files/144978/WordPress-Affiliate-Ads-For-Clickbank-Products-1.3-XSS.html",
"refsource": "MISC",
"url": "https://packetstormsecurity.com/files/144978/WordPress-Affiliate-Ads-For-Clickbank-Products-1.3-XSS.html"
},
{
"name" : "https://wpvulndb.com/vulnerabilities/8989",
"refsource" : "MISC",
"url" : "https://wpvulndb.com/vulnerabilities/8989"
"name": "https://wpvulndb.com/vulnerabilities/8989",
"refsource": "MISC",
"url": "https://wpvulndb.com/vulnerabilities/8989"
}
]
}

70
2017/18xxx/CVE-2017-18034.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@atlassian.com",
"DATE_PUBLIC" : "2018-01-18T00:00:00",
"ID" : "CVE-2017-18034",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2018-01-18T00:00:00",
"ID": "CVE-2017-18034",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Fisheye and Crucible",
"version" : {
"version_data" : [
"product_name": "Fisheye and Crucible",
"version": {
"version_data": [
{
"version_value" : "prior to 4.5.1 and 4.6.0"
"version_value": "prior to 4.5.1 and 4.6.0"
}
]
}
}
]
},
"vendor_name" : "Atlassian"
"vendor_name": "Atlassian"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The source browse resource in Atlassian FishEye and Crucible before version 4.5.1 and 4.6.0 allows allows remote attackers that have write access to an indexed repository to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in via a specially crafted repository branch name when trying to display deleted files of the branch."
"lang": "eng",
"value": "The source browse resource in Atlassian FishEye and Crucible before version 4.5.1 and 4.6.0 allows allows remote attackers that have write access to an indexed repository to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in via a specially crafted repository branch name when trying to display deleted files of the branch."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Cross Site Scripting (XSS)"
"lang": "eng",
"value": "Cross Site Scripting (XSS)"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://jira.atlassian.com/browse/CRUC-8161",
"refsource" : "CONFIRM",
"url" : "https://jira.atlassian.com/browse/CRUC-8161"
"name": "https://jira.atlassian.com/browse/FE-6994",
"refsource": "CONFIRM",
"url": "https://jira.atlassian.com/browse/FE-6994"
},
{
"name" : "https://jira.atlassian.com/browse/FE-6994",
"refsource" : "CONFIRM",
"url" : "https://jira.atlassian.com/browse/FE-6994"
"name": "https://jira.atlassian.com/browse/CRUC-8161",
"refsource": "CONFIRM",
"url": "https://jira.atlassian.com/browse/CRUC-8161"
}
]
}

74
2017/18xxx/CVE-2017-18273.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-18273",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18273",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call."
"lang": "eng",
"value": "In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[debian-lts-announce] 20180523 [SECURITY] [DLA 1381-1] imagemagick security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/05/msg00012.html"
"name": "[debian-lts-announce] 20180523 [SECURITY] [DLA 1381-1] imagemagick security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00012.html"
},
{
"name" : "https://github.com/ImageMagick/ImageMagick/issues/910",
"refsource" : "CONFIRM",
"url" : "https://github.com/ImageMagick/ImageMagick/issues/910"
"name": "USN-3681-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3681-1/"
},
{
"name" : "USN-3681-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3681-1/"
"name": "https://github.com/ImageMagick/ImageMagick/issues/910",
"refsource": "CONFIRM",
"url": "https://github.com/ImageMagick/ImageMagick/issues/910"
}
]
}

74
2017/1xxx/CVE-2017-1363.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2017-1363",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2017-1363",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Team Concert (RTC) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126856."
"lang": "eng",
"value": "IBM Team Concert (RTC) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126856."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126856",
"refsource" : "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126856"
"name": "101587",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101587"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22009296",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22009296"
"name": "http://www.ibm.com/support/docview.wss?uid=swg22009296",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22009296"
},
{
"name" : "101587",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/101587"
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126856",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126856"
}
]
}

22
2017/1xxx/CVE-2017-1455.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1455",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-1455",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

142
2017/1xxx/CVE-2017-1691.json
View File

@ -1,145 +1,145 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-06-28T00:00:00",
"ID" : "CVE-2017-1691",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2018-06-28T00:00:00",
"ID": "CVE-2017-1691",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Rational Quality Manager",
"version" : {
"version_data" : [
"product_name": "Rational Quality Manager",
"version": {
"version_data": [
{
"version_value" : "5.0"
"version_value": "5.0"
},
{
"version_value" : "5.0.1"
"version_value": "5.0.1"
},
{
"version_value" : "5.0.2"
"version_value": "5.0.2"
},
{
"version_value" : "6.0"
"version_value": "6.0"
},
{
"version_value" : "6.0.1"
"version_value": "6.0.1"
},
{
"version_value" : "6.0.2"
"version_value": "6.0.2"
},
{
"version_value" : "6.0.3"
"version_value": "6.0.3"
},
{
"version_value" : "6.0.4"
"version_value": "6.0.4"
},
{
"version_value" : "6.0.5"
"version_value": "6.0.5"
}
]
}
},
{
"product_name" : "Rational Collaborative Lifecycle Management",
"version" : {
"version_data" : [
"product_name": "Rational Collaborative Lifecycle Management",
"version": {
"version_data": [
{
"version_value" : "5.0"
"version_value": "5.0"
},
{
"version_value" : "5.0.1"
"version_value": "5.0.1"
},
{
"version_value" : "5.0.2"
"version_value": "5.0.2"
},
{
"version_value" : "6.0"
"version_value": "6.0"
},
{
"version_value" : "6.0.1"
"version_value": "6.0.1"
},
{
"version_value" : "6.0.2"
"version_value": "6.0.2"
},
{
"version_value" : "6.0.3"
"version_value": "6.0.3"
},
{
"version_value" : "6.0.4"
"version_value": "6.0.4"
},
{
"version_value" : "6.0.5"
"version_value": "6.0.5"
}
]
}
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 134066."
"lang": "eng",
"value": "IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 134066."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "L",
"PR" : "L",
"S" : "C",
"SCORE" : "5.400",
"UI" : "R"
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "L",
"AV": "N",
"C": "L",
"I": "L",
"PR": "L",
"S": "C",
"SCORE": "5.400",
"UI": "R"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www-prd-trops.events.ibm.com/node/715749",
"refsource" : "CONFIRM",
"url" : "https://www-prd-trops.events.ibm.com/node/715749"
"name": "ibm-rqm-cve20171691-xss(134066)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/134066"
},
{
"name" : "ibm-rqm-cve20171691-xss(134066)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/134066"
"name": "https://www-prd-trops.events.ibm.com/node/715749",
"refsource": "CONFIRM",
"url": "https://www-prd-trops.events.ibm.com/node/715749"
}
]
}

22
2017/4xxx/CVE-2017-4023.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-4023",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-4023",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

22
2017/4xxx/CVE-2017-4108.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-4108",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-4108",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

22
2017/4xxx/CVE-2017-4382.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-4382",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-4382",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

22
2017/4xxx/CVE-2017-4696.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-4696",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-4696",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

22
2017/4xxx/CVE-2017-4883.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-4883",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-4883",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}