mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
138 lines
4.5 KiB
JSON
138 lines
4.5 KiB
JSON
{
|
|
"CVE_data_meta" : {
|
|
"ASSIGNER" : "cve@mitre.org",
|
|
"ID" : "CVE-2003-0015",
|
|
"STATE" : "PUBLIC"
|
|
},
|
|
"affects" : {
|
|
"vendor" : {
|
|
"vendor_data" : [
|
|
{
|
|
"product" : {
|
|
"product_data" : [
|
|
{
|
|
"product_name" : "n/a",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format" : "MITRE",
|
|
"data_type" : "CVE",
|
|
"data_version" : "4.0",
|
|
"description" : {
|
|
"description_data" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands."
|
|
}
|
|
]
|
|
},
|
|
"problemtype" : {
|
|
"problemtype_data" : [
|
|
{
|
|
"description" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references" : {
|
|
"reference_data" : [
|
|
{
|
|
"name" : "20030120 Advisory 01/2003: CVS remote vulnerability",
|
|
"refsource" : "VULNWATCH",
|
|
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0028.html"
|
|
},
|
|
{
|
|
"name" : "http://security.e-matters.de/advisories/012003.html",
|
|
"refsource" : "MISC",
|
|
"url" : "http://security.e-matters.de/advisories/012003.html"
|
|
},
|
|
{
|
|
"name" : "20030124 Test program for CVS double-free.",
|
|
"refsource" : "BUGTRAQ",
|
|
"url" : "http://marc.info/?l=bugtraq&m=104342550612736&w=2"
|
|
},
|
|
{
|
|
"name" : "20030202 Exploit for CVS double free() for Linux pserver",
|
|
"refsource" : "BUGTRAQ",
|
|
"url" : "http://marc.info/?l=bugtraq&m=104428571204468&w=2"
|
|
},
|
|
{
|
|
"name" : "CA-2003-02",
|
|
"refsource" : "CERT",
|
|
"url" : "http://www.cert.org/advisories/CA-2003-02.html"
|
|
},
|
|
{
|
|
"name" : "http://ccvs.cvshome.org/servlets/NewsItemView?newsID=51&JServSessionIdservlets=5of2iuhr14",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://ccvs.cvshome.org/servlets/NewsItemView?newsID=51&JServSessionIdservlets=5of2iuhr14"
|
|
},
|
|
{
|
|
"name" : "DSA-233",
|
|
"refsource" : "DEBIAN",
|
|
"url" : "http://www.debian.org/security/2003/dsa-233"
|
|
},
|
|
{
|
|
"name" : "FreeBSD-SA-03:01",
|
|
"refsource" : "FREEBSD",
|
|
"url" : "http://marc.info/?l=bugtraq&m=104438807203491&w=2"
|
|
},
|
|
{
|
|
"name" : "MDKSA-2003:009",
|
|
"refsource" : "MANDRAKE",
|
|
"url" : "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:009"
|
|
},
|
|
{
|
|
"name" : "RHSA-2003:012",
|
|
"refsource" : "REDHAT",
|
|
"url" : "http://www.redhat.com/support/errata/RHSA-2003-012.html"
|
|
},
|
|
{
|
|
"name" : "RHSA-2003:013",
|
|
"refsource" : "REDHAT",
|
|
"url" : "http://rhn.redhat.com/errata/RHSA-2003-013.html"
|
|
},
|
|
{
|
|
"name" : "20030122 [security@slackware.com: [slackware-security] New CVS packages available]",
|
|
"refsource" : "BUGTRAQ",
|
|
"url" : "http://marc.info/?l=bugtraq&m=104333092200589&w=2"
|
|
},
|
|
{
|
|
"name" : "N-032",
|
|
"refsource" : "CIAC",
|
|
"url" : "http://www.ciac.org/ciac/bulletins/n-032.shtml"
|
|
},
|
|
{
|
|
"name" : "VU#650937",
|
|
"refsource" : "CERT-VN",
|
|
"url" : "http://www.kb.cert.org/vuls/id/650937"
|
|
},
|
|
{
|
|
"name" : "6650",
|
|
"refsource" : "BID",
|
|
"url" : "http://www.securityfocus.com/bid/6650"
|
|
},
|
|
{
|
|
"name" : "cvs-doublefree-memory-corruption(11108)",
|
|
"refsource" : "XF",
|
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11108"
|
|
}
|
|
]
|
|
}
|
|
}
|