mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 01:02:25 +00:00
184 lines
5.9 KiB
JSON
184 lines
5.9 KiB
JSON
{
|
|
"id": "CVE-2011-1952",
|
|
"sourceIdentifier": "secalert@redhat.com",
|
|
"published": "2011-06-06T19:55:02.503",
|
|
"lastModified": "2024-11-21T01:27:22.570",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "common.php in Post Revolution before 0.8.0c-2 allows remote attackers to cause a denial of service (infinite loop) via malformed HTML markup, as demonstrated by an a< sequence."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "common.php en Post Revolution antes de v0.8.0c-2 permite a atacantes remotos provocar una denegaci\u00f3n de servicio ( bucle infinito ) a trav\u00e9s de c\u00f3digo HTML con formato incorrecto, como se demuestra por una secuencia \"a<\"."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
|
"baseScore": 5.0,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "PARTIAL"
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-399"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postrev:post_revolution:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "0.8.0c",
|
|
"matchCriteriaId": "2C67C01B-F7E8-44E0-9739-3C4200C7B23B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postrev:post_revolution:0.6.2:beta:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C9A721BF-DFD7-4F66-A5DF-53C69647E75A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postrev:post_revolution:0.6.3:beta:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A460C783-0922-48CD-831D-43BC5FA177B8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postrev:post_revolution:0.6.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2B6C9114-F48B-42B5-886C-ACD57C4DAD55"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postrev:post_revolution:0.6.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B185A73E-AD6A-42CE-816F-0EC280BC6DF4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postrev:post_revolution:0.6.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "412E1018-BF17-42A0-9027-46DD8CEF5383"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postrev:post_revolution:0.7.0:rc1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8EC294CE-0BE0-4EE2-891C-52A98B8C241A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postrev:post_revolution:0.7.0:rc2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F76CA836-C63A-4DCC-A265-0A7A9A82C2B7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postrev:post_revolution:0.7.0:rc3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8EDE637C-7D0F-4037-9E45-77886316CEED"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postrev:post_revolution:0.7.0:rc4:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5D5BD6F4-DC7E-47AE-8E24-155C4E2F6B10"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postrev:post_revolution:0.8.0:alpha:*:*:*:*:*:*",
|
|
"matchCriteriaId": "966BA6A4-5E70-4AB5-9F26-D56D4EADDA49"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postrev:post_revolution:0.8.0b:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CF533C04-2042-459A-B0B2-6D5E6E0195B8"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://javierb.com.ar/2011/06/01/postrev-vunls/",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://postrev.com.ar/verpost.php?id_noticia=59",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://securityreason.com/securityalert/8270",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/518205/100/0/threaded",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/47967",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://javierb.com.ar/2011/06/01/postrev-vunls/",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://postrev.com.ar/verpost.php?id_noticia=59",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://securityreason.com/securityalert/8270",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/518205/100/0/threaded",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/47967",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
]
|
|
} |