admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2011/CVE-2011-00xx/CVE-2011-0025.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

195 lines
6.8 KiB
JSON
Raw Blame History

{
"id": "CVE-2011-0025",
"sourceIdentifier": "secalert@redhat.com",
"published": "2011-02-04T20:00:02.447",
"lastModified": "2023-02-13T00:15:51.857",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "IcedTea 1.7 before 1.7.8, 1.8 before 1.8.5, and 1.9 before 1.9.5 does not properly verify signatures for JAR files that (1) are \"partially signed\" or (2) signed by multiple entities, which allows remote attackers to trick users into executing code that appears to come from a trusted source."
},
{
"lang": "es",
"value": "IcedTea v1.7 anterior a v1.7.8, v1.8 anterior a v1.8.5 y v1.9 anterior a v1.9.5 no verifica adecuadamente las firmas de los archivos JAR que (1) est\u00e1n \"parcialmente firmados\" o (2), firmado por varias entidades, lo que permite a atacantes remotos enga\u00f1ar a usuarios ejecutando c\u00f3digo que parece provenir de una fuente de confianza."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:icedtea:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4833BFF6-1B29-4455-BA90-A11DE1F6D008"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:icedtea:1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CD18B06E-F419-4ADE-B6E5-DC364A9FF6CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:icedtea:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3970CE-8C3C-4F30-8927-1E5A6CD626E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:icedtea:1.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E225339C-A5A8-4D56-A5EC-09814C83E0E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:icedtea:1.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ADC26C27-DAD1-4DA9-A1DE-E3D5060C3EB7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:icedtea:1.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "557CEA5C-2B78-4BC2-ABA2-E2272D3765A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:icedtea:1.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "39BB9DB4-AE61-4B74-B0AB-2363A5F4A9F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:icedtea:1.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0FAC1F98-711A-4A9D-B81A-5B8180E4A006"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:icedtea:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "68D8D8B4-8E82-4D08-9D39-2D94418D06E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:icedtea:1.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C3AD9684-D2D7-496B-B77A-2798244CB112"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:icedtea:1.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D37313-09D9-4726-B083-1FD83A602DE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:icedtea:1.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFB7FF0-B2D7-43F2-86ED-0DC4966373E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:icedtea:1.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "880A1C3A-9210-4263-9F16-F78C36B7DD9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:icedtea:1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "3303605E-F164-4B9F-90E5-55E47C1C568B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:icedtea:1.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C448596-505E-451B-8BC5-73FCB2D11DE6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:icedtea:1.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "39ECCC84-CA5A-44F7-B303-25BED16073B8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:icedtea:1.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D454FC4-329C-4C70-BF31-D3F8B6CF85E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:icedtea:1.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9D112A9B-C489-49FA-B446-54AEF1F515F1"
}
]
}
]
}
],
"references": [
{
"url": "http://blog.fuseyism.com/index.php/2011/02/01/security-icedtea6-178-185-195-released/",
"source": "secalert@redhat.com",
"tags": [
"Patch"
]
},
{
"url": "http://icedtea.classpath.org/hg/release/icedtea-web-1.0?cmd=changeset%3Bnode=3bd328e4b515",
"source": "secalert@redhat.com"
},
{
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml",
"source": "secalert@redhat.com"
},
{
"url": "http://www.debian.org/security/2011/dsa-2224",
"source": "secalert@redhat.com"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054",
"source": "secalert@redhat.com"
},
{
"url": "http://www.securityfocus.com/bid/46110",
"source": "secalert@redhat.com"
},
{
"url": "http://www.ubuntu.com/usn/USN-1055-1",
"source": "secalert@redhat.com"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65151",
"source": "secalert@redhat.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink