diff --git a/2006/0xxx/CVE-2006-0379.json b/2006/0xxx/CVE-2006-0379.json index c3b3632c309c..91c6a3469d0a 100644 --- a/2006/0xxx/CVE-2006-0379.json +++ b/2006/0xxx/CVE-2006-0379.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0379", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "secteam@freebsd.org", + "ID": "CVE-2006-0379", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "FreeBSD kernel 5.4-STABLE and 6.0 does not completely initialize a buffer before making it available to userland, which could allow local users to read portions of kernel memory." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "FreeBSD kernel 5.4-STABLE and 6.0 does not completely initialize a buffer before making it available to userland, which could allow local users to read portions of kernel memory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "FreeBSD-SA-06:06", - "refsource" : "FREEBSD", - "url" : "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:06.kmem.asc" - }, - { - "name" : "16373", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16373" - }, - { - "name" : "22730", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/22730" - }, - { - "name" : "1015541", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015541" - }, - { - "name" : "18599", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18599" - }, - { - "name" : "bsd-buffer-initialization-disclosure(24338)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24338" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FreeBSD-SA-06:06", + "refsource": "FREEBSD", + "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:06.kmem.asc" + }, + { + "name": "18599", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18599" + }, + { + "name": "1015541", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015541" + }, + { + "name": "22730", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/22730" + }, + { + "name": "bsd-buffer-initialization-disclosure(24338)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24338" + }, + { + "name": "16373", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16373" + } + ] + } +} \ No newline at end of file diff --git a/2006/0xxx/CVE-2006-0476.json b/2006/0xxx/CVE-2006-0476.json index 535049a5788c..6dd9522b7b5c 100644 --- a/2006/0xxx/CVE-2006-0476.json +++ b/2006/0xxx/CVE-2006-0476.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0476", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Nullsoft Winamp 5.12 allows remote attackers to execute arbitrary code via a playlist (pls) file with a long file name (File1 field)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0476", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060130 Winamp 5.12 - 0day exploit - code execution through playlist", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/423436/100/0/threaded" - }, - { - "name" : "3422", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3422" - }, - { - "name" : "http://www.heise.de/newsticker/meldung/68981", - "refsource" : "MISC", - "url" : "http://www.heise.de/newsticker/meldung/68981" - }, - { - "name" : "http://www.winamp.com/player/version_history.php", - "refsource" : "MISC", - "url" : "http://www.winamp.com/player/version_history.php" - }, - { - "name" : "20060131 Re: Re: Winamp 5.12 - 0day exploit - code execution through playlist", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/423548/100/0/threaded" - }, - { - "name" : "TA06-032A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA06-032A.html" - }, - { - "name" : "VU#604745", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/604745" - }, - { - "name" : "16410", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16410" - }, - { - "name" : "ADV-2006-0361", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0361" - }, - { - "name" : "22789", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/22789" - }, - { - "name" : "oval:org.mitre.oval:def:1402", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1402" - }, - { - "name" : "1015552", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015552" - }, - { - "name" : "18649", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18649" - }, - { - "name" : "386", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/386" - }, - { - "name" : "398", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/398" - }, - { - "name" : "winamp-playlist-filename-bo(24361)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24361" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Nullsoft Winamp 5.12 allows remote attackers to execute arbitrary code via a playlist (pls) file with a long file name (File1 field)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "398", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/398" + }, + { + "name": "winamp-playlist-filename-bo(24361)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24361" + }, + { + "name": "386", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/386" + }, + { + "name": "1015552", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015552" + }, + { + "name": "3422", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3422" + }, + { + "name": "18649", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18649" + }, + { + "name": "http://www.heise.de/newsticker/meldung/68981", + "refsource": "MISC", + "url": "http://www.heise.de/newsticker/meldung/68981" + }, + { + "name": "ADV-2006-0361", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0361" + }, + { + "name": "20060131 Re: Re: Winamp 5.12 - 0day exploit - code execution through playlist", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/423548/100/0/threaded" + }, + { + "name": "oval:org.mitre.oval:def:1402", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1402" + }, + { + "name": "http://www.winamp.com/player/version_history.php", + "refsource": "MISC", + "url": "http://www.winamp.com/player/version_history.php" + }, + { + "name": "20060130 Winamp 5.12 - 0day exploit - code execution through playlist", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/423436/100/0/threaded" + }, + { + "name": "16410", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16410" + }, + { + "name": "22789", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/22789" + }, + { + "name": "TA06-032A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA06-032A.html" + }, + { + "name": "VU#604745", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/604745" + } + ] + } +} \ No newline at end of file diff --git a/2006/0xxx/CVE-2006-0999.json b/2006/0xxx/CVE-2006-0999.json index 8cf9a20597a6..12e85a1c1c18 100644 --- a/2006/0xxx/CVE-2006-0999.json +++ b/2006/0xxx/CVE-2006-0999.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0999", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0999", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow remote attackers to decrypt contents of an SSL protected session." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow remote attackers to decrypt contents of an SSL protected session." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm", - "refsource" : "CONFIRM", - "url" : "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" - }, - { - "name" : "17176", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17176" - }, - { - "name" : "64758", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/64758" - }, - { - "name" : "ADV-2006-1043", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1043" - }, - { - "name" : "24048", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24048" - }, - { - "name" : "1015799", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015799" - }, - { - "name" : "19324", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19324" - }, - { - "name" : "netware-nile-forced-weak-encryption(25382)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25382" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-1043", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1043" + }, + { + "name": "1015799", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015799" + }, + { + "name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm", + "refsource": "CONFIRM", + "url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm" + }, + { + "name": "netware-nile-forced-weak-encryption(25382)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25382" + }, + { + "name": "19324", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19324" + }, + { + "name": "64758", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/64758" + }, + { + "name": "24048", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24048" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" + }, + { + "name": "17176", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17176" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1456.json b/2006/1xxx/CVE-2006-1456.json index c3773939ec70..d69ae06e867e 100644 --- a/2006/1xxx/CVE-2006-1456.json +++ b/2006/1xxx/CVE-2006-1456.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1456", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1456", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "APPLE-SA-2006-05-11", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html" - }, - { - "name" : "TA06-132A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA06-132A.html" - }, - { - "name" : "17951", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17951" - }, - { - "name" : "ADV-2006-1779", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1779" - }, - { - "name" : "25600", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/25600" - }, - { - "name" : "1016070", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016070" - }, - { - "name" : "20077", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20077" - }, - { - "name" : "quicktime-rtsp-bo(26424)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26424" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "17951", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17951" + }, + { + "name": "ADV-2006-1779", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1779" + }, + { + "name": "TA06-132A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA06-132A.html" + }, + { + "name": "quicktime-rtsp-bo(26424)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26424" + }, + { + "name": "25600", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/25600" + }, + { + "name": "APPLE-SA-2006-05-11", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html" + }, + { + "name": "1016070", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016070" + }, + { + "name": "20077", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20077" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1538.json b/2006/1xxx/CVE-2006-1538.json index 2cedbe0bcc24..1e85c6b678b6 100644 --- a/2006/1xxx/CVE-2006-1538.json +++ b/2006/1xxx/CVE-2006-1538.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1538", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1538", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "The Enova X-Wall ASIC encrypts with a key obtained via Microwire from a serial EEPROM that stores the key in cleartext, which allows local users with physical access to obtain the key by reading and duplicating an EEPROM that is located on a hardware token, or by sniffing the Microwire bus." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Enova X-Wall ASIC encrypts with a key obtained via Microwire from a serial EEPROM that stores the key in cleartext, which allows local users with physical access to obtain the key by reading and duplicating an EEPROM that is located on a hardware token, or by sniffing the Microwire bus." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060329 [HV-INFO] Enova hardware encryption: false sense of security", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/429253/100/0/threaded" - }, - { - "name" : "http://www.hexview.com/docs/20060328-1.txt", - "refsource" : "MISC", - "url" : "http://www.hexview.com/docs/20060328-1.txt" - }, - { - "name" : "648", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/648" - }, - { - "name" : "enova-xwall-insecure-encryption-key(25527)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25527" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060329 [HV-INFO] Enova hardware encryption: false sense of security", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/429253/100/0/threaded" + }, + { + "name": "http://www.hexview.com/docs/20060328-1.txt", + "refsource": "MISC", + "url": "http://www.hexview.com/docs/20060328-1.txt" + }, + { + "name": "648", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/648" + }, + { + "name": "enova-xwall-insecure-encryption-key(25527)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25527" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1691.json b/2006/1xxx/CVE-2006-1691.json index 992bf888befe..6373645902ec 100644 --- a/2006/1xxx/CVE-2006-1691.json +++ b/2006/1xxx/CVE-2006-1691.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1691", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1691", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "SQL injection vulnerability in MWNewsletter 1.0.0b allows remote attackers to execute arbitrary SQL commands via the user_name parameter to unsubscribe.php." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in MWNewsletter 1.0.0b allows remote attackers to execute arbitrary SQL commands via the user_name parameter to unsubscribe.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060421 [eVuln] MWNewsletter SQL Injection and XSS Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2006-04/0447.html" - }, - { - "name" : "http://evuln.com/vulns/123/summary.html", - "refsource" : "MISC", - "url" : "http://evuln.com/vulns/123/summary.html" - }, - { - "name" : "17412", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17412" - }, - { - "name" : "ADV-2006-1270", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1270" - }, - { - "name" : "24905", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24905" - }, - { - "name" : "24445", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24445" - }, - { - "name" : "19568", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19568" - }, - { - "name" : "mwnewsletter-unsubscribe-sql-injection(25683)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25683" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "mwnewsletter-unsubscribe-sql-injection(25683)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25683" + }, + { + "name": "19568", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19568" + }, + { + "name": "ADV-2006-1270", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1270" + }, + { + "name": "17412", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17412" + }, + { + "name": "24905", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24905" + }, + { + "name": "20060421 [eVuln] MWNewsletter SQL Injection and XSS Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0447.html" + }, + { + "name": "http://evuln.com/vulns/123/summary.html", + "refsource": "MISC", + "url": "http://evuln.com/vulns/123/summary.html" + }, + { + "name": "24445", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24445" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1710.json b/2006/1xxx/CVE-2006-1710.json index 202070faf8d7..55c07e6ab432 100644 --- a/2006/1xxx/CVE-2006-1710.json +++ b/2006/1xxx/CVE-2006-1710.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1710", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1710", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "SQL injection vulnerability in admin.php in Design Nation DNGuestbook 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) email and (2) id parameters." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in admin.php in Design Nation DNGuestbook 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) email and (2) id parameters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "1653", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/1653" - }, - { - "name" : "17435", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17435" - }, - { - "name" : "ADV-2006-1299", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1299" - }, - { - "name" : "19601", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19601" - }, - { - "name" : "dnguestbook-admin-sql-injection(25699)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25699" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19601", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19601" + }, + { + "name": "ADV-2006-1299", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1299" + }, + { + "name": "1653", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/1653" + }, + { + "name": "17435", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17435" + }, + { + "name": "dnguestbook-admin-sql-injection(25699)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25699" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1833.json b/2006/1xxx/CVE-2006-1833.json index 0d417285a43a..380668c9e49a 100644 --- a/2006/1xxx/CVE-2006-1833.json +++ b/2006/1xxx/CVE-2006-1833.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1833", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1833", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "NetBSD-SA2006-009", - "refsource" : "NETBSD", - "url" : "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-009.txt.asc" - }, - { - "name" : "17496", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17496" - }, - { - "name" : "24577", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24577" - }, - { - "name" : "1015907", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015907" - }, - { - "name" : "19585", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19585" - }, - { - "name" : "netbsd-intel-rng-security-bypass(25786)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25786" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19585", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19585" + }, + { + "name": "NetBSD-SA2006-009", + "refsource": "NETBSD", + "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-009.txt.asc" + }, + { + "name": "17496", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17496" + }, + { + "name": "1015907", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015907" + }, + { + "name": "netbsd-intel-rng-security-bypass(25786)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25786" + }, + { + "name": "24577", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24577" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1861.json b/2006/1xxx/CVE-2006-1861.json index 6e740f136bec..c05f35278934 100644 --- a/2006/1xxx/CVE-2006-1861.json +++ b/2006/1xxx/CVE-2006-1861.json @@ -1,297 +1,297 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1861", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_lwfn function and a crafted LWFN file in base/ftmac.c. NOTE: item 4 was originally identified by CVE-2006-2493." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2006-1861", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060612 rPSA-2006-0100-1 freetype", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/436836/100/0/threaded" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=416463", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=416463" - }, - { - "name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593" - }, - { - "name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593#c8", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593#c8" - }, - { - "name" : "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=128606", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=128606" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-429", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-429" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=502565", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=502565" - }, - { - "name" : "http://support.apple.com/kb/HT3438", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3438" - }, - { - "name" : "APPLE-SA-2009-02-12", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" - }, - { - "name" : "DSA-1095", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-1095" - }, - { - "name" : "FEDORA-2009-5558", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html" - }, - { - "name" : "FEDORA-2009-5644", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html" - }, - { - "name" : "GLSA-200607-02", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200607-02.xml" - }, - { - "name" : "GLSA-200710-09", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200710-09.xml" - }, - { - "name" : "MDKSA-2006:099", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:099" - }, - { - "name" : "RHSA-2006:0500", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2006-0500.html" - }, - { - "name" : "RHSA-2009:0329", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2009-0329.html" - }, - { - "name" : "RHSA-2009:1062", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2009-1062.html" - }, - { - "name" : "20060701-01-U", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U" - }, - { - "name" : "102705", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1" - }, - { - "name" : "SUSE-SA:2006:037", - "refsource" : "SUSE", - "url" : "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html" - }, - { - "name" : "SUSE-SR:2007:021", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html" - }, - { - "name" : "USN-291-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/291-1/" - }, - { - "name" : "18034", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18034" - }, - { - "name" : "oval:org.mitre.oval:def:9124", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9124" - }, - { - "name" : "35200", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35200" - }, - { - "name" : "35204", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35204" - }, - { - "name" : "35233", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35233" - }, - { - "name" : "ADV-2006-1868", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1868" - }, - { - "name" : "ADV-2007-0381", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0381" - }, - { - "name" : "1016522", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016522" - }, - { - "name" : "20100", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20100" - }, - { - "name" : "20525", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20525" - }, - { - "name" : "20591", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20591" - }, - { - "name" : "20638", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20638" - }, - { - "name" : "20791", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20791" - }, - { - "name" : "21000", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21000" - }, - { - "name" : "21062", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21062" - }, - { - "name" : "21135", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21135" - }, - { - "name" : "21385", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21385" - }, - { - "name" : "21701", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21701" - }, - { - "name" : "23939", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23939" - }, - { - "name" : "27162", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27162" - }, - { - "name" : "27167", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27167" - }, - { - "name" : "27271", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27271" - }, - { - "name" : "33937", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33937" - }, - { - "name" : "freetype-lwfn-overflow(26553)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26553" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_lwfn function and a crafted LWFN file in base/ftmac.c. NOTE: item 4 was originally identified by CVE-2006-2493." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SA:2006:037", + "refsource": "SUSE", + "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html" + }, + { + "name": "20791", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20791" + }, + { + "name": "27271", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27271" + }, + { + "name": "33937", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33937" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=416463", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=416463" + }, + { + "name": "102705", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1" + }, + { + "name": "21000", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21000" + }, + { + "name": "20525", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20525" + }, + { + "name": "21701", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21701" + }, + { + "name": "GLSA-200607-02", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200607-02.xml" + }, + { + "name": "http://support.apple.com/kb/HT3438", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3438" + }, + { + "name": "27162", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27162" + }, + { + "name": "FEDORA-2009-5644", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html" + }, + { + "name": "APPLE-SA-2009-02-12", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" + }, + { + "name": "USN-291-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/291-1/" + }, + { + "name": "21385", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21385" + }, + { + "name": "FEDORA-2009-5558", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html" + }, + { + "name": "RHSA-2009:1062", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html" + }, + { + "name": "20060612 rPSA-2006-0100-1 freetype", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/436836/100/0/threaded" + }, + { + "name": "18034", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18034" + }, + { + "name": "21135", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21135" + }, + { + "name": "freetype-lwfn-overflow(26553)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26553" + }, + { + "name": "RHSA-2006:0500", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2006-0500.html" + }, + { + "name": "oval:org.mitre.oval:def:9124", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9124" + }, + { + "name": "23939", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23939" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=502565", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=502565" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm" + }, + { + "name": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=128606", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=128606" + }, + { + "name": "20591", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20591" + }, + { + "name": "SUSE-SR:2007:021", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html" + }, + { + "name": "27167", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27167" + }, + { + "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593" + }, + { + "name": "20638", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20638" + }, + { + "name": "20100", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20100" + }, + { + "name": "1016522", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016522" + }, + { + "name": "35233", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35233" + }, + { + "name": "ADV-2007-0381", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0381" + }, + { + "name": "https://issues.rpath.com/browse/RPL-429", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-429" + }, + { + "name": "20060701-01-U", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U" + }, + { + "name": "GLSA-200710-09", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-09.xml" + }, + { + "name": "35200", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35200" + }, + { + "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593#c8", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593#c8" + }, + { + "name": "21062", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21062" + }, + { + "name": "RHSA-2009:0329", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html" + }, + { + "name": "35204", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35204" + }, + { + "name": "MDKSA-2006:099", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:099" + }, + { + "name": "DSA-1095", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-1095" + }, + { + "name": "ADV-2006-1868", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1868" + } + ] + } +} \ No newline at end of file diff --git a/2006/4xxx/CVE-2006-4777.json b/2006/4xxx/CVE-2006-4777.json index 3fedd8bea0cc..496e052b2da0 100644 --- a/2006/4xxx/CVE-2006-4777.json +++ b/2006/4xxx/CVE-2006-4777.json @@ -1,147 +1,147 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-4777", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in the DirectAnimation Path Control (DirectAnimation.PathControl) COM object (daxctle.ocx) for Internet Explorer 6.0 SP1, on Chinese and possibly other Windows distributions, allows remote attackers to execute arbitrary code via unknown manipulations in arguments to the KeyFrame method, possibly related to an integer overflow, as demonstrated by daxctle2, and a different vulnerability than CVE-2006-4446." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-4777", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060913 [0day] daxctle2.c - Internet Explorer COM Object Heap Overflow Download Exec Exploit", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/445898/100/0/threaded" - }, - { - "name" : "20060915 Fwd: IE ActiveX 0day?", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/446065/100/0/threaded" - }, - { - "name" : "20060915 RE: IE ActiveX 0day?", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/446084/100/0/threaded" - }, - { - "name" : "20060915 Re: Fwd: IE ActiveX 0day?", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/446085/100/0/threaded" - }, - { - "name" : "20060918 Re: IE ActiveX 0day?", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/446246/100/0/threaded" - }, - { - "name" : "http://www.xsec.org/index.php?module=releases&act=view&type=2&id=20", - "refsource" : "MISC", - "url" : "http://www.xsec.org/index.php?module=releases&act=view&type=2&id=20" - }, - { - "name" : "http://www.microsoft.com/technet/security/advisory/925444.mspx", - "refsource" : "CONFIRM", - "url" : "http://www.microsoft.com/technet/security/advisory/925444.mspx" - }, - { - "name" : "MS06-067", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-067" - }, - { - "name" : "TA06-318A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA06-318A.html" - }, - { - "name" : "VU#377369", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/377369" - }, - { - "name" : "20047", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20047" - }, - { - "name" : "ADV-2006-3593", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3593" - }, - { - "name" : "28842", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/28842" - }, - { - "name" : "oval:org.mitre.oval:def:1103", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1103" - }, - { - "name" : "1016854", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016854" - }, - { - "name" : "21910", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21910" - }, - { - "name" : "1577", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1577" - }, - { - "name" : "ie-directanimation-code-execution(28942)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28942" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in the DirectAnimation Path Control (DirectAnimation.PathControl) COM object (daxctle.ocx) for Internet Explorer 6.0 SP1, on Chinese and possibly other Windows distributions, allows remote attackers to execute arbitrary code via unknown manipulations in arguments to the KeyFrame method, possibly related to an integer overflow, as demonstrated by daxctle2, and a different vulnerability than CVE-2006-4446." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1016854", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016854" + }, + { + "name": "21910", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21910" + }, + { + "name": "1577", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1577" + }, + { + "name": "TA06-318A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA06-318A.html" + }, + { + "name": "http://www.microsoft.com/technet/security/advisory/925444.mspx", + "refsource": "CONFIRM", + "url": "http://www.microsoft.com/technet/security/advisory/925444.mspx" + }, + { + "name": "ADV-2006-3593", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3593" + }, + { + "name": "28842", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/28842" + }, + { + "name": "20060918 Re: IE ActiveX 0day?", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/446246/100/0/threaded" + }, + { + "name": "20060915 RE: IE ActiveX 0day?", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/446084/100/0/threaded" + }, + { + "name": "VU#377369", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/377369" + }, + { + "name": "http://www.xsec.org/index.php?module=releases&act=view&type=2&id=20", + "refsource": "MISC", + "url": "http://www.xsec.org/index.php?module=releases&act=view&type=2&id=20" + }, + { + "name": "ie-directanimation-code-execution(28942)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28942" + }, + { + "name": "20047", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20047" + }, + { + "name": "20060915 Fwd: IE ActiveX 0day?", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/446065/100/0/threaded" + }, + { + "name": "oval:org.mitre.oval:def:1103", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1103" + }, + { + "name": "MS06-067", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-067" + }, + { + "name": "20060913 [0day] daxctle2.c - Internet Explorer COM Object Heap Overflow Download Exec Exploit", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/445898/100/0/threaded" + }, + { + "name": "20060915 Re: Fwd: IE ActiveX 0day?", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/446085/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5023.json b/2006/5xxx/CVE-2006-5023.json index 3f4944e770e8..cf95dcb06252 100644 --- a/2006/5xxx/CVE-2006-5023.json +++ b/2006/5xxx/CVE-2006-5023.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5023", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5023", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "SQL injection vulnerability in kategori.asp in xweblog 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the kategori parameter." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in kategori.asp in xweblog 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the kategori parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "2416", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2416" - }, - { - "name" : "20145", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20145" - }, - { - "name" : "ADV-2006-3762", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3762" - }, - { - "name" : "22052", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22052" - }, - { - "name" : "xweblog-kategori-sql-injection(29103)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29103" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-3762", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3762" + }, + { + "name": "xweblog-kategori-sql-injection(29103)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29103" + }, + { + "name": "22052", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22052" + }, + { + "name": "2416", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2416" + }, + { + "name": "20145", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20145" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5773.json b/2006/5xxx/CVE-2006-5773.json index 4e4408b5be97..b27655998ffd 100644 --- a/2006/5xxx/CVE-2006-5773.json +++ b/2006/5xxx/CVE-2006-5773.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5773", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5773", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "Directory traversal vulnerability in index.php in FreeWebshop 2.2.1 and earlier allows remote attackers to read arbitrary files and disclose the installation path via a .. (dot dot) in the action parameter." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in index.php in FreeWebshop 2.2.1 and earlier allows remote attackers to read arbitrary files and disclose the installation path via a .. (dot dot) in the action parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "2704", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2704" - }, - { - "name" : "http://www.freewebshop.org/index.php?id=27", - "refsource" : "CONFIRM", - "url" : "http://www.freewebshop.org/index.php?id=27" - }, - { - "name" : "20888", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20888" - }, - { - "name" : "ADV-2006-4332", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4332" - }, - { - "name" : "22664", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22664" - }, - { - "name" : "freewebshop-index-directory-traversal(29991)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29991" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-4332", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4332" + }, + { + "name": "http://www.freewebshop.org/index.php?id=27", + "refsource": "CONFIRM", + "url": "http://www.freewebshop.org/index.php?id=27" + }, + { + "name": "2704", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2704" + }, + { + "name": "freewebshop-index-directory-traversal(29991)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29991" + }, + { + "name": "20888", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20888" + }, + { + "name": "22664", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22664" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0246.json b/2010/0xxx/CVE-2010-0246.json index 6c500a0f51b2..f3872f9907fe 100644 --- a/2010/0xxx/CVE-2010-0246.json +++ b/2010/0xxx/CVE-2010-0246.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0246", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2010-0246", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka \"Uninitialized Memory Corruption Vulnerability,\" a different vulnerability than CVE-2009-3671, CVE-2009-3674, and CVE-2010-0245." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka \"Uninitialized Memory Corruption Vulnerability,\" a different vulnerability than CVE-2009-3671, CVE-2009-3674, and CVE-2010-0245." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS10-002", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-002" - }, - { - "name" : "oval:org.mitre.oval:def:8378", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8378" - }, - { - "name" : "ie-deleted-object-code-exec(55776)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/55776" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:8378", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8378" + }, + { + "name": "ie-deleted-object-code-exec(55776)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55776" + }, + { + "name": "MS10-002", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-002" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0350.json b/2010/0xxx/CVE-2010-0350.json index 5e3c8d5eee37..e47bd12435ba 100644 --- a/2010/0xxx/CVE-2010-0350.json +++ b/2010/0xxx/CVE-2010-0350.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0350", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-0350", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "Directory traversal vulnerability in the Photo Book (goof_fotoboek) extension 1.7.14 and earlier for TYPO3 has unknown impact and remote attack vectors." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in the Photo Book (goof_fotoboek) extension 1.7.14 and earlier for TYPO3 has unknown impact and remote attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://typo3.org/extensions/repository/view/goof_fotoboek/1.7.15/", - "refsource" : "CONFIRM", - "url" : "http://typo3.org/extensions/repository/view/goof_fotoboek/1.7.15/" - }, - { - "name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/", - "refsource" : "CONFIRM", - "url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://typo3.org/extensions/repository/view/goof_fotoboek/1.7.15/", + "refsource": "CONFIRM", + "url": "http://typo3.org/extensions/repository/view/goof_fotoboek/1.7.15/" + }, + { + "name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/", + "refsource": "CONFIRM", + "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0414.json b/2010/0xxx/CVE-2010-0414.json index 8b375940b159..b06787174166 100644 --- a/2010/0xxx/CVE-2010-0414.json +++ b/2010/0xxx/CVE-2010-0414.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0414", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-0414", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "gnome-screensaver before 2.28.2 allows physically proximate attackers to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "gnome-screensaver before 2.28.2 allows physically proximate attackers to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://ftp.gnome.org/pub/GNOME/sources/gnome-screensaver/2.28/gnome-screensaver-2.28.2.news", - "refsource" : "CONFIRM", - "url" : "http://ftp.gnome.org/pub/GNOME/sources/gnome-screensaver/2.28/gnome-screensaver-2.28.2.news" - }, - { - "name" : "http://git.gnome.org/browse/gnome-screensaver/commit/?id=a5f66339be6719c2b8fc478a1d5fc6545297d950", - "refsource" : "CONFIRM", - "url" : "http://git.gnome.org/browse/gnome-screensaver/commit/?id=a5f66339be6719c2b8fc478a1d5fc6545297d950" - }, - { - "name" : "http://git.gnome.org/browse/gnome-screensaver/commit/?id=dcca89b7ab6e1220815af38da246434b2e13fd9f", - "refsource" : "CONFIRM", - "url" : "http://git.gnome.org/browse/gnome-screensaver/commit/?id=dcca89b7ab6e1220815af38da246434b2e13fd9f" - }, - { - "name" : "https://bugzilla.gnome.org/show_bug.cgi?id=609337", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.gnome.org/show_bug.cgi?id=609337" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=562217", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=562217" - }, - { - "name" : "FEDORA-2010-1556", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034904.html" - }, - { - "name" : "MDVSA-2010:040", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:040" - }, - { - "name" : "USN-898-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-898-1" - }, - { - "name" : "38149", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/38149" - }, - { - "name" : "62219", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/62219" - }, - { - "name" : "38468", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38468" - }, - { - "name" : "38534", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38534" - }, - { - "name" : "38532", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38532" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38468", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38468" + }, + { + "name": "62219", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/62219" + }, + { + "name": "38149", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/38149" + }, + { + "name": "USN-898-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-898-1" + }, + { + "name": "38532", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38532" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=562217", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=562217" + }, + { + "name": "http://git.gnome.org/browse/gnome-screensaver/commit/?id=a5f66339be6719c2b8fc478a1d5fc6545297d950", + "refsource": "CONFIRM", + "url": "http://git.gnome.org/browse/gnome-screensaver/commit/?id=a5f66339be6719c2b8fc478a1d5fc6545297d950" + }, + { + "name": "38534", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38534" + }, + { + "name": "http://git.gnome.org/browse/gnome-screensaver/commit/?id=dcca89b7ab6e1220815af38da246434b2e13fd9f", + "refsource": "CONFIRM", + "url": "http://git.gnome.org/browse/gnome-screensaver/commit/?id=dcca89b7ab6e1220815af38da246434b2e13fd9f" + }, + { + "name": "MDVSA-2010:040", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:040" + }, + { + "name": "https://bugzilla.gnome.org/show_bug.cgi?id=609337", + "refsource": "CONFIRM", + "url": "https://bugzilla.gnome.org/show_bug.cgi?id=609337" + }, + { + "name": "http://ftp.gnome.org/pub/GNOME/sources/gnome-screensaver/2.28/gnome-screensaver-2.28.2.news", + "refsource": "CONFIRM", + "url": "http://ftp.gnome.org/pub/GNOME/sources/gnome-screensaver/2.28/gnome-screensaver-2.28.2.news" + }, + { + "name": "FEDORA-2010-1556", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034904.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0562.json b/2010/0xxx/CVE-2010-0562.json index f45946eb4f14..7f793eb31553 100644 --- a/2010/0xxx/CVE-2010-0562.json +++ b/2010/0xxx/CVE-2010-0562.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0562", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-0562", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, when running in verbose mode on platforms for which char is signed, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an SSL X.509 certificate containing non-printable characters with the high bit set, which triggers a heap-based buffer overflow during escaping." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, when running in verbose mode on platforms for which char is signed, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an SSL X.509 certificate containing non-printable characters with the high bit set, which triggers a heap-based buffer overflow during escaping." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://mknod.org/svn/fetchmail/branches/BRANCH_6-3/fetchmail-SA-2010-01.txt", - "refsource" : "CONFIRM", - "url" : "http://mknod.org/svn/fetchmail/branches/BRANCH_6-3/fetchmail-SA-2010-01.txt" - }, - { - "name" : "http://www.fetchmail.info/fetchmail-SA-2010-01.txt", - "refsource" : "CONFIRM", - "url" : "http://www.fetchmail.info/fetchmail-SA-2010-01.txt" - }, - { - "name" : "MDVSA-2010:037", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:037" - }, - { - "name" : "38088", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/38088" - }, - { - "name" : "62114", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/62114" - }, - { - "name" : "1023543", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1023543" - }, - { - "name" : "38391", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38391" - }, - { - "name" : "ADV-2010-0296", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/0296" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDVSA-2010:037", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:037" + }, + { + "name": "http://www.fetchmail.info/fetchmail-SA-2010-01.txt", + "refsource": "CONFIRM", + "url": "http://www.fetchmail.info/fetchmail-SA-2010-01.txt" + }, + { + "name": "38088", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/38088" + }, + { + "name": "http://mknod.org/svn/fetchmail/branches/BRANCH_6-3/fetchmail-SA-2010-01.txt", + "refsource": "CONFIRM", + "url": "http://mknod.org/svn/fetchmail/branches/BRANCH_6-3/fetchmail-SA-2010-01.txt" + }, + { + "name": "1023543", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1023543" + }, + { + "name": "38391", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38391" + }, + { + "name": "62114", + "refsource": "OSVDB", + "url": "http://osvdb.org/62114" + }, + { + "name": "ADV-2010-0296", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/0296" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0660.json b/2010/0xxx/CVE-2010-0660.json index baa3957702a6..17cb3c968776 100644 --- a/2010/0xxx/CVE-2010-0660.json +++ b/2010/0xxx/CVE-2010-0660.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0660", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-0660", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "Google Chrome before 4.0.249.78 sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive information via standard HTTP logging." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Google Chrome before 4.0.249.78 sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive information via standard HTTP logging." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=29920", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=29920" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html" - }, - { - "name" : "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs", - "refsource" : "CONFIRM", - "url" : "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs" - }, - { - "name" : "oval:org.mitre.oval:def:14247", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14247" - }, - { - "name" : "1023506", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1023506" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:14247", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14247" + }, + { + "name": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html" + }, + { + "name": "1023506", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1023506" + }, + { + "name": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs", + "refsource": "CONFIRM", + "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=29920", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=29920" + } + ] + } +} \ No newline at end of file diff --git a/2010/2xxx/CVE-2010-2599.json b/2010/2xxx/CVE-2010-2599.json index d8253625c5b3..4f5356e73e63 100644 --- a/2010/2xxx/CVE-2010-2599.json +++ b/2010/2xxx/CVE-2010-2599.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-2599", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-2599", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "Unspecified vulnerability in Research In Motion (RIM) BlackBerry Device Software before 6.0.0 allows remote attackers to cause a denial of service (browser hang) via a crafted web page." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Research In Motion (RIM) BlackBerry Device Software before 6.0.0 allows remote attackers to cause a denial of service (browser hang) via a crafted web page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20110121 [TEHTRI-Security] CVE-2010-2599: Update your BlackBerry", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/515860/100/0/threaded" - }, - { - "name" : "http://blog.tehtri-security.com/2011/01/blackhat-dc-2011-inglourious-hackerds.html", - "refsource" : "MISC", - "url" : "http://blog.tehtri-security.com/2011/01/blackhat-dc-2011-inglourious-hackerds.html" - }, - { - "name" : "http://www.blackberry.com/btsc/KB24841", - "refsource" : "CONFIRM", - "url" : "http://www.blackberry.com/btsc/KB24841" - }, - { - "name" : "45754", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/45754" - }, - { - "name" : "70404", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/70404" - }, - { - "name" : "1024952", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1024952" - }, - { - "name" : "ADV-2011-0082", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0082" - }, - { - "name" : "blackberry-desktop-dos(64622)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64622" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.blackberry.com/btsc/KB24841", + "refsource": "CONFIRM", + "url": "http://www.blackberry.com/btsc/KB24841" + }, + { + "name": "1024952", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1024952" + }, + { + "name": "45754", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/45754" + }, + { + "name": "http://blog.tehtri-security.com/2011/01/blackhat-dc-2011-inglourious-hackerds.html", + "refsource": "MISC", + "url": "http://blog.tehtri-security.com/2011/01/blackhat-dc-2011-inglourious-hackerds.html" + }, + { + "name": "70404", + "refsource": "OSVDB", + "url": "http://osvdb.org/70404" + }, + { + "name": "20110121 [TEHTRI-Security] CVE-2010-2599: Update your BlackBerry", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/515860/100/0/threaded" + }, + { + "name": "ADV-2011-0082", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0082" + }, + { + "name": "blackberry-desktop-dos(64622)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64622" + } + ] + } +} \ No newline at end of file diff --git a/2010/2xxx/CVE-2010-2783.json b/2010/2xxx/CVE-2010-2783.json index 2662d00f8442..7ca0c486de3e 100644 --- a/2010/2xxx/CVE-2010-2783.json +++ b/2010/2xxx/CVE-2010-2783.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-2783", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-2783", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3030.json b/2010/3xxx/CVE-2010-3030.json index 57565c0cf2ff..98a950660eac 100644 --- a/2010/3xxx/CVE-2010-3030.json +++ b/2010/3xxx/CVE-2010-3030.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3030", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-3030", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in Tomaz Muraus Open Blog 1.2.1, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests that change the administrative password. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in Tomaz Muraus Open Blog 1.2.1, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests that change the administrative password. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40876", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40876" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "40876", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40876" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3518.json b/2010/3xxx/CVE-2010-3518.json index e4cf2282958e..12c161fb4a37 100644 --- a/2010/3xxx/CVE-2010-3518.json +++ b/2010/3xxx/CVE-2010-3518.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3518", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2010-3518", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "Unspecified vulnerability in the PeopleSoft Enterprise HCM GP - Japan component in Oracle PeopleSoft and JDEdwards Suite 8.81 SP1 Bundle #13, 8.9 GP Update 2010-E, 9.0 GP Update 2010-E, and 9.1 GP Update 2010-E allows remote authenticated users to affect confidentiality and integrity via unknown vectors." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the PeopleSoft Enterprise HCM GP - Japan component in Oracle PeopleSoft and JDEdwards Suite 8.81 SP1 Bundle #13, 8.9 GP Update 2010-E, 9.0 GP Update 2010-E, and 9.1 GP Update 2010-E allows remote authenticated users to affect confidentiality and integrity via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" - }, - { - "name" : "TA10-287A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA10-287A.html" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" + }, + { + "name": "TA10-287A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA10-287A.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3581.json b/2010/3xxx/CVE-2010-3581.json index 4cd5a8356dda..e175cc44089f 100644 --- a/2010/3xxx/CVE-2010-3581.json +++ b/2010/3xxx/CVE-2010-3581.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3581", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2010-3581", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "Unspecified vulnerability in the BPEL Console component in Oracle Fusion Middleware 11.1.1.1.0 and 11.1.1.2.0 allows remote authenticated users to affect integrity via unknown vectors." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the BPEL Console component in Oracle Fusion Middleware 11.1.1.1.0 and 11.1.1.2.0 allows remote authenticated users to affect integrity via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" - }, - { - "name" : "TA10-287A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA10-287A.html" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" + }, + { + "name": "TA10-287A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA10-287A.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3668.json b/2010/3xxx/CVE-2010-3668.json index 431275540df9..73495f23a65b 100644 --- a/2010/3xxx/CVE-2010-3668.json +++ b/2010/3xxx/CVE-2010-3668.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3668", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-3668", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4589.json b/2010/4xxx/CVE-2010-4589.json index 05b98fb86394..d7936ee54c94 100644 --- a/2010/4xxx/CVE-2010-4589.json +++ b/2010/4xxx/CVE-2010-4589.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4589", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4589", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in IBM ENOVIA 6 allows remote attackers to inject arbitrary web script or HTML via vectors related to the emxFramework.FilterParameterPattern property." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in IBM ENOVIA 6 allows remote attackers to inject arbitrary web script or HTML via vectors related to the emxFramework.FilterParameterPattern property." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1HE02563", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1HE02563" - }, - { - "name" : "HE02563", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1HE02563" - }, - { - "name" : "45391", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/45391" - }, - { - "name" : "42668", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42668" - }, - { - "name" : "ADV-2010-3211", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/3211" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "HE02563", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1HE02563" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1HE02563", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1HE02563" + }, + { + "name": "ADV-2010-3211", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/3211" + }, + { + "name": "45391", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/45391" + }, + { + "name": "42668", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42668" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4836.json b/2010/4xxx/CVE-2010-4836.json index 3b7ba4138fc3..65ea3417b358 100644 --- a/2010/4xxx/CVE-2010-4836.json +++ b/2010/4xxx/CVE-2010-4836.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4836", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4836", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in register.html in PHPShop 2.1 EE and earlier allows remote attackers to inject arbitrary web script or HTML via the name_new parameter." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in register.html in PHPShop 2.1 EE and earlier allows remote attackers to inject arbitrary web script or HTML via the name_new parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20101106 Vulnerabilities in PHPShop", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/514672/100/0/threaded" - }, - { - "name" : "http://websecurity.com.ua/4512/", - "refsource" : "MISC", - "url" : "http://websecurity.com.ua/4512/" - }, - { - "name" : "44763", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/44763" - }, - { - "name" : "69101", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/69101" - }, - { - "name" : "42132", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42132" - }, - { - "name" : "8381", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/8381" - }, - { - "name" : "phpshop-register-xss(63157)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/63157" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "8381", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/8381" + }, + { + "name": "phpshop-register-xss(63157)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63157" + }, + { + "name": "42132", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42132" + }, + { + "name": "http://websecurity.com.ua/4512/", + "refsource": "MISC", + "url": "http://websecurity.com.ua/4512/" + }, + { + "name": "44763", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/44763" + }, + { + "name": "20101106 Vulnerabilities in PHPShop", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/514672/100/0/threaded" + }, + { + "name": "69101", + "refsource": "OSVDB", + "url": "http://osvdb.org/69101" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4847.json b/2010/4xxx/CVE-2010-4847.json index 59e18412e8ef..6fccbe9e9a33 100644 --- a/2010/4xxx/CVE-2010-4847.json +++ b/2010/4xxx/CVE-2010-4847.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4847", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4847", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "SQL injection vulnerability in view_item.php in MH Products MHP Downloadshop allows remote attackers to execute arbitrary SQL commands via the ItemID parameter." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in view_item.php in MH Products MHP Downloadshop allows remote attackers to execute arbitrary SQL commands via the ItemID parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "15756", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/15756" - }, - { - "name" : "http://packetstormsecurity.org/files/view/96774/mhpdownloadshop-sql.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/files/view/96774/mhpdownloadshop-sql.txt" - }, - { - "name" : "45474", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/45474" - }, - { - "name" : "42675", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42675" - }, - { - "name" : "8397", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/8397" - }, - { - "name" : "mhpdownloadshop-viewitem-sql-injection(64193)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64193" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.org/files/view/96774/mhpdownloadshop-sql.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/files/view/96774/mhpdownloadshop-sql.txt" + }, + { + "name": "mhpdownloadshop-viewitem-sql-injection(64193)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64193" + }, + { + "name": "15756", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/15756" + }, + { + "name": "45474", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/45474" + }, + { + "name": "42675", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42675" + }, + { + "name": "8397", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/8397" + } + ] + } +} \ No newline at end of file diff --git a/2014/3xxx/CVE-2014-3447.json b/2014/3xxx/CVE-2014-3447.json index f03ef70236c6..1b5926b1a7e4 100644 --- a/2014/3xxx/CVE-2014-3447.json +++ b/2014/3xxx/CVE-2014-3447.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-3447", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-3447", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/3xxx/CVE-2014-3925.json b/2014/3xxx/CVE-2014-3925.json index 1e6b5ae62b79..0dd6cf00bade 100644 --- a/2014/3xxx/CVE-2014-3925.json +++ b/2014/3xxx/CVE-2014-3925.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-3925", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-3925", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20140529 CVE request: sos: /etc/fstab collected by sosreport, possibly containing passwords", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2014/05/29/6" - }, - { - "name" : "[oss-security] 20140530 Re: CVE request: sos: /etc/fstab collected by sosreport, possibly containing passwords", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2014/05/30/3" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1102633", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1102633" - }, - { - "name" : "USN-2845-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2845-1" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20140529 CVE request: sos: /etc/fstab collected by sosreport, possibly containing passwords", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2014/05/29/6" + }, + { + "name": "USN-2845-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2845-1" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1102633", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1102633" + }, + { + "name": "[oss-security] 20140530 Re: CVE request: sos: /etc/fstab collected by sosreport, possibly containing passwords", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2014/05/30/3" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4157.json b/2014/4xxx/CVE-2014-4157.json index 3212bd8a86a6..e0d4e3574511 100644 --- a/2014/4xxx/CVE-2014-4157.json +++ b/2014/4xxx/CVE-2014-4157.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4157", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2014-4157", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "arch/mips/include/asm/thread_info.h in the Linux kernel before 3.14.8 on the MIPS platform does not configure _TIF_SECCOMP checks on the fast system-call path, which allows local users to bypass intended PR_SET_SECCOMP restrictions by executing a crafted application without invoking a trace or audit subsystem." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "arch/mips/include/asm/thread_info.h in the Linux kernel before 3.14.8 on the MIPS platform does not configure _TIF_SECCOMP checks on the fast system-call path, which allows local users to bypass intended PR_SET_SECCOMP restrictions by executing a crafted application without invoking a trace or audit subsystem." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20140616 Re: Bug#751417: linux-image-3.2.0-4-5kc-malta: no SIGKILL after prctl(PR_SET_SECCOMP, 1, ...) on MIPS", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2014/06/16/1" - }, - { - "name" : "[oss-security] 20140617 Re: (Linux kernel) Bug#751417: linux-image-3.2.0-4-5kc-malta: no SIGKILL after prctl(PR_SET_SECCOMP, 1, ...) on MIPS", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/06/17/17" - }, - { - "name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=137f7df8cead00688524c82360930845396b8a21", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=137f7df8cead00688524c82360930845396b8a21" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.8", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.8" - }, - { - "name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751417", - "refsource" : "CONFIRM", - "url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751417" - }, - { - "name" : "https://github.com/torvalds/linux/commit/137f7df8cead00688524c82360930845396b8a21", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/137f7df8cead00688524c82360930845396b8a21" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20140617 Re: (Linux kernel) Bug#751417: linux-image-3.2.0-4-5kc-malta: no SIGKILL after prctl(PR_SET_SECCOMP, 1, ...) on MIPS", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/06/17/17" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.8", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.8" + }, + { + "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=137f7df8cead00688524c82360930845396b8a21", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=137f7df8cead00688524c82360930845396b8a21" + }, + { + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751417", + "refsource": "CONFIRM", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751417" + }, + { + "name": "[oss-security] 20140616 Re: Bug#751417: linux-image-3.2.0-4-5kc-malta: no SIGKILL after prctl(PR_SET_SECCOMP, 1, ...) on MIPS", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2014/06/16/1" + }, + { + "name": "https://github.com/torvalds/linux/commit/137f7df8cead00688524c82360930845396b8a21", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/137f7df8cead00688524c82360930845396b8a21" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4327.json b/2014/4xxx/CVE-2014-4327.json index 057b73ce8827..c2fb4684e9cc 100644 --- a/2014/4xxx/CVE-2014-4327.json +++ b/2014/4xxx/CVE-2014-4327.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4327", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-4327", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4455.json b/2014/4xxx/CVE-2014-4455.json index c682f85643eb..568aa9bfcced 100644 --- a/2014/4xxx/CVE-2014-4455.json +++ b/2014/4xxx/CVE-2014-4455.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4455", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2014-4455", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segments in Mach-O executable files, which allows local users to bypass intended code-signing restrictions via a crafted file." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segments in Mach-O executable files, which allows local users to bypass intended code-signing restrictions via a crafted file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/en-us/HT6590", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/en-us/HT6590" - }, - { - "name" : "https://support.apple.com/en-us/HT6592", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/en-us/HT6592" - }, - { - "name" : "http://support.apple.com/HT204245", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/HT204245" - }, - { - "name" : "http://support.apple.com/HT204246", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/HT204246" - }, - { - "name" : "https://support.apple.com/en-us/HT204418", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/en-us/HT204418" - }, - { - "name" : "https://support.apple.com/en-us/HT204420", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/en-us/HT204420" - }, - { - "name" : "APPLE-SA-2014-11-17-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2014/Nov/msg00000.html" - }, - { - "name" : "APPLE-SA-2014-11-17-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2014/Nov/msg00002.html" - }, - { - "name" : "APPLE-SA-2015-01-27-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html" - }, - { - "name" : "APPLE-SA-2015-01-27-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html" - }, - { - "name" : "71140", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/71140" - }, - { - "name" : "1031231", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031231" - }, - { - "name" : "appletv-cve20144455-code-exec(98773)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/98773" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2014-11-17-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2014/Nov/msg00000.html" + }, + { + "name": "http://support.apple.com/HT204245", + "refsource": "CONFIRM", + "url": "http://support.apple.com/HT204245" + }, + { + "name": "APPLE-SA-2014-11-17-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2014/Nov/msg00002.html" + }, + { + "name": "http://support.apple.com/HT204246", + "refsource": "CONFIRM", + "url": "http://support.apple.com/HT204246" + }, + { + "name": "https://support.apple.com/en-us/HT6590", + "refsource": "CONFIRM", + "url": "https://support.apple.com/en-us/HT6590" + }, + { + "name": "1031231", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031231" + }, + { + "name": "APPLE-SA-2015-01-27-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html" + }, + { + "name": "appletv-cve20144455-code-exec(98773)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98773" + }, + { + "name": "APPLE-SA-2015-01-27-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html" + }, + { + "name": "71140", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/71140" + }, + { + "name": "https://support.apple.com/en-us/HT204420", + "refsource": "CONFIRM", + "url": "https://support.apple.com/en-us/HT204420" + }, + { + "name": "https://support.apple.com/en-us/HT204418", + "refsource": "CONFIRM", + "url": "https://support.apple.com/en-us/HT204418" + }, + { + "name": "https://support.apple.com/en-us/HT6592", + "refsource": "CONFIRM", + "url": "https://support.apple.com/en-us/HT6592" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4857.json b/2014/4xxx/CVE-2014-4857.json index d3ef9fdaf44a..e0bf6984b65c 100644 --- a/2014/4xxx/CVE-2014-4857.json +++ b/2014/4xxx/CVE-2014-4857.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4857", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-4857", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Gurock TestRail before 3.1.3 allows remote attackers to inject arbitrary web script or HTML via the Created By field in a project activity." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Gurock TestRail before 3.1.3 allows remote attackers to inject arbitrary web script or HTML via the Created By field in a project activity." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://forum.gurock.com/topic/1652/testrail-313-released/", - "refsource" : "CONFIRM", - "url" : "http://forum.gurock.com/topic/1652/testrail-313-released/" - }, - { - "name" : "VU#669804", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/669804" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#669804", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/669804" + }, + { + "name": "http://forum.gurock.com/topic/1652/testrail-313-released/", + "refsource": "CONFIRM", + "url": "http://forum.gurock.com/topic/1652/testrail-313-released/" + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8226.json b/2014/8xxx/CVE-2014-8226.json index b129cc3ab0d3..de9ea6a562ee 100644 --- a/2014/8xxx/CVE-2014-8226.json +++ b/2014/8xxx/CVE-2014-8226.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8226", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2014-8226", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8808.json b/2014/8xxx/CVE-2014-8808.json index c5f88b7b0ebb..bf08d33274fd 100644 --- a/2014/8xxx/CVE-2014-8808.json +++ b/2014/8xxx/CVE-2014-8808.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8808", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-8808", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9757.json b/2014/9xxx/CVE-2014-9757.json index decb983f5d0b..269f44763fe1 100644 --- a/2014/9xxx/CVE-2014-9757.json +++ b/2014/9xxx/CVE-2014-9757.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9757", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9757", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "The Ignite Realtime Smack XMPP API, as used in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0, allows remote configured XMPP servers to execute arbitrary Java code via serialized data in an XMPP message." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Ignite Realtime Smack XMPP API, as used in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0, allows remote configured XMPP servers to execute arbitrary Java code via serialized data in an XMPP message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160122 January 2016 - Bamboo - Critical Security Advisory", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/537347/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/135352/Bamboo-Deserialization-Missing-Authentication-Checks.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/135352/Bamboo-Deserialization-Missing-Authentication-Checks.html" - }, - { - "name" : "https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-01-20-794376535.html", - "refsource" : "CONFIRM", - "url" : "https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-01-20-794376535.html" - }, - { - "name" : "https://jira.atlassian.com/browse/BAM-17099", - "refsource" : "CONFIRM", - "url" : "https://jira.atlassian.com/browse/BAM-17099" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160122 January 2016 - Bamboo - Critical Security Advisory", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/537347/100/0/threaded" + }, + { + "name": "https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-01-20-794376535.html", + "refsource": "CONFIRM", + "url": "https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-01-20-794376535.html" + }, + { + "name": "https://jira.atlassian.com/browse/BAM-17099", + "refsource": "CONFIRM", + "url": "https://jira.atlassian.com/browse/BAM-17099" + }, + { + "name": "http://packetstormsecurity.com/files/135352/Bamboo-Deserialization-Missing-Authentication-Checks.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/135352/Bamboo-Deserialization-Missing-Authentication-Checks.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/2xxx/CVE-2016-2356.json b/2016/2xxx/CVE-2016-2356.json index 065b97638e64..f1f5d1b0cb7e 100644 --- a/2016/2xxx/CVE-2016-2356.json +++ b/2016/2xxx/CVE-2016-2356.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-2356", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-2356", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/2xxx/CVE-2016-2805.json b/2016/2xxx/CVE-2016-2805.json index 418e818b43a0..0eef18bf3127 100644 --- a/2016/2xxx/CVE-2016-2805.json +++ b/2016/2xxx/CVE-2016-2805.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-2805", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2016-2805", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "Unspecified vulnerability in the browser engine in Mozilla Firefox ESR 38.x before 38.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the browser engine in Mozilla Firefox ESR 38.x before 38.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-39.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-39.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1241731", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1241731" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" - }, - { - "name" : "DSA-3559", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3559" - }, - { - "name" : "DSA-3576", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3576" - }, - { - "name" : "GLSA-201701-15", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-15" - }, - { - "name" : "RHSA-2016:1041", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1041.html" - }, - { - "name" : "RHSA-2016:0695", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0695.html" - }, - { - "name" : "SUSE-SU-2016:1258", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html" - }, - { - "name" : "SUSE-SU-2016:1352", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html" - }, - { - "name" : "SUSE-SU-2016:1374", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html" - }, - { - "name" : "USN-2973-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2973-1" - }, - { - "name" : "1035692", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035692" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3576", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3576" + }, + { + "name": "http://www.mozilla.org/security/announce/2016/mfsa2016-39.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-39.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" + }, + { + "name": "RHSA-2016:0695", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0695.html" + }, + { + "name": "1035692", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035692" + }, + { + "name": "SUSE-SU-2016:1374", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html" + }, + { + "name": "SUSE-SU-2016:1352", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html" + }, + { + "name": "USN-2973-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2973-1" + }, + { + "name": "GLSA-201701-15", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-15" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1241731", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1241731" + }, + { + "name": "DSA-3559", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3559" + }, + { + "name": "SUSE-SU-2016:1258", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html" + }, + { + "name": "RHSA-2016:1041", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1041.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/2xxx/CVE-2016-2849.json b/2016/2xxx/CVE-2016-2849.json index d3c49e5b46f2..1d0d5db61273 100644 --- a/2016/2xxx/CVE-2016-2849.json +++ b/2016/2xxx/CVE-2016-2849.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-2849", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-2849", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-time algorithm to perform a modular inverse on the signature nonce k, which might allow remote attackers to obtain ECDSA secret keys via a timing side-channel attack." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-time algorithm to perform a modular inverse on the signature nonce k, which might allow remote attackers to obtain ECDSA secret keys via a timing side-channel attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[botan-devel] 20160428 Botan 1.10.13 released", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=botan-devel&m=146185420505943&w=2" - }, - { - "name" : "http://botan.randombit.net/security.html", - "refsource" : "CONFIRM", - "url" : "http://botan.randombit.net/security.html" - }, - { - "name" : "DSA-3565", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3565" - }, - { - "name" : "FEDORA-2016-a545f81683", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183669.html" - }, - { - "name" : "GLSA-201701-23", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-23" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2016-a545f81683", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183669.html" + }, + { + "name": "DSA-3565", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3565" + }, + { + "name": "[botan-devel] 20160428 Botan 1.10.13 released", + "refsource": "MLIST", + "url": "http://marc.info/?l=botan-devel&m=146185420505943&w=2" + }, + { + "name": "GLSA-201701-23", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-23" + }, + { + "name": "http://botan.randombit.net/security.html", + "refsource": "CONFIRM", + "url": "http://botan.randombit.net/security.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3422.json b/2016/3xxx/CVE-2016-3422.json index c487c0175caa..25ba3921d3a8 100644 --- a/2016/3xxx/CVE-2016-3422.json +++ b/2016/3xxx/CVE-2016-3422.json @@ -1,172 +1,172 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3422", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-3422", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20160420-0001/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20160420-0001/" - }, - { - "name" : "GLSA-201606-18", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201606-18" - }, - { - "name" : "RHSA-2016:0701", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0701.html" - }, - { - "name" : "RHSA-2016:0702", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0702.html" - }, - { - "name" : "RHSA-2016:0708", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0708.html" - }, - { - "name" : "RHSA-2016:0716", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0716.html" - }, - { - "name" : "RHSA-2016:1430", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1430" - }, - { - "name" : "RHSA-2016:1039", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1039.html" - }, - { - "name" : "RHSA-2016:0677", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0677.html" - }, - { - "name" : "RHSA-2016:0678", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0678.html" - }, - { - "name" : "RHSA-2016:0679", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0679.html" - }, - { - "name" : "RHSA-2017:1216", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:1216" - }, - { - "name" : "SUSE-SU-2016:1299", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html" - }, - { - "name" : "SUSE-SU-2016:1300", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html" - }, - { - "name" : "SUSE-SU-2016:1303", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html" - }, - { - "name" : "SUSE-SU-2016:1378", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html" - }, - { - "name" : "SUSE-SU-2016:1379", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html" - }, - { - "name" : "SUSE-SU-2016:1388", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html" - }, - { - "name" : "SUSE-SU-2016:1458", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html" - }, - { - "name" : "SUSE-SU-2016:1475", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html" - }, - { - "name" : "86488", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/86488" - }, - { - "name" : "1035596", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035596" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2016:0677", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0677.html" + }, + { + "name": "SUSE-SU-2016:1299", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html" + }, + { + "name": "86488", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/86488" + }, + { + "name": "RHSA-2016:1039", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1039.html" + }, + { + "name": "RHSA-2016:0701", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0701.html" + }, + { + "name": "SUSE-SU-2016:1303", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html" + }, + { + "name": "SUSE-SU-2016:1475", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html" + }, + { + "name": "SUSE-SU-2016:1300", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html" + }, + { + "name": "RHSA-2016:1430", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1430" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20160420-0001/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20160420-0001/" + }, + { + "name": "RHSA-2016:0708", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0708.html" + }, + { + "name": "SUSE-SU-2016:1378", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html" + }, + { + "name": "SUSE-SU-2016:1379", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html" + }, + { + "name": "SUSE-SU-2016:1458", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html" + }, + { + "name": "GLSA-201606-18", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201606-18" + }, + { + "name": "RHSA-2016:0716", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0716.html" + }, + { + "name": "1035596", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035596" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" + }, + { + "name": "SUSE-SU-2016:1388", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html" + }, + { + "name": "RHSA-2016:0702", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0702.html" + }, + { + "name": "RHSA-2016:0679", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0679.html" + }, + { + "name": "RHSA-2017:1216", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:1216" + }, + { + "name": "RHSA-2016:0678", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0678.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3854.json b/2016/3xxx/CVE-2016-3854.json index 177b5b2861de..96748f9d9cd3 100644 --- a/2016/3xxx/CVE-2016-3854.json +++ b/2016/3xxx/CVE-2016-3854.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3854", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-3854", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "drivers/media/video/msm/msm_mctl_buf.c in the Qualcomm components in Android before 2016-08-05 does not validate the image mode, which allows attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted application, aka Qualcomm internal bug CR897326." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "drivers/media/video/msm/msm_mctl_buf.c in the Qualcomm components in Android before 2016-08-05 does not validate the image mode, which allows attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted application, aka Qualcomm internal bug CR897326." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-08-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-08-01.html" - }, - { - "name" : "https://source.codeaurora.org/quic/la/kernel/msm/commit/?h=LA.AF.1.2.1_rb1.5&id=cc96def76dfd18fba88575065b29f2ae9191fafa", - "refsource" : "CONFIRM", - "url" : "https://source.codeaurora.org/quic/la/kernel/msm/commit/?h=LA.AF.1.2.1_rb1.5&id=cc96def76dfd18fba88575065b29f2ae9191fafa" - }, - { - "name" : "92256", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92256" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://source.android.com/security/bulletin/2016-08-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-08-01.html" + }, + { + "name": "92256", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92256" + }, + { + "name": "https://source.codeaurora.org/quic/la/kernel/msm/commit/?h=LA.AF.1.2.1_rb1.5&id=cc96def76dfd18fba88575065b29f2ae9191fafa", + "refsource": "CONFIRM", + "url": "https://source.codeaurora.org/quic/la/kernel/msm/commit/?h=LA.AF.1.2.1_rb1.5&id=cc96def76dfd18fba88575065b29f2ae9191fafa" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6034.json b/2016/6xxx/CVE-2016-6034.json index 1ca11720c42b..7a8820ab0d00 100644 --- a/2016/6xxx/CVE-2016-6034.json +++ b/2016/6xxx/CVE-2016-6034.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-6034", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-6034", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Tivoli Storage Manager for Virtual Environments", + "version": { + "version_data": [ + { + "version_value": "6.3" + }, + { + "version_value": "6.4" + }, + { + "version_value": "7.1" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "Tivoli Storage Manager for Virtual Environments", - "version" : { - "version_data" : [ - { - "version_value" : "6.3" - }, - { - "version_value" : "6.4" - }, - { - "version_value" : "7.1" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" + "lang": "eng", + "value": "IBM Tivoli Storage Manager for Virtual Environments (VMware) could disclose the Windows domain credentials to a user with a high level of privileges." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Tivoli Storage Manager for Virtual Environments (VMware) could disclose the Windows domain credentials to a user with a high level of privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21995544", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21995544" - }, - { - "name" : "95976", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95976" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "95976", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95976" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21995544", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21995544" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6324.json b/2016/6xxx/CVE-2016-6324.json index 4ff1fbbe2ab5..cb5dc286cebe 100644 --- a/2016/6xxx/CVE-2016-6324.json +++ b/2016/6xxx/CVE-2016-6324.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-6324", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-6324", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6407.json b/2016/6xxx/CVE-2016-6407.json index 0ff02d2c4c4e..3230d013e062 100644 --- a/2016/6xxx/CVE-2016-6407.json +++ b/2016/6xxx/CVE-2016-6407.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-6407", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-6407", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "Cisco AsyncOS through 9.5.0-444 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (link saturation) by making many HTTP requests for overlapping byte ranges simultaneously, aka Bug ID CSCuz27219." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco AsyncOS through 9.5.0-444 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (link saturation) by making many HTTP requests for overlapping byte ranges simultaneously, aka Bug ID CSCuz27219." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160914 Cisco Web Security Appliance HTTP Load Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-wsa" - }, - { - "name" : "92955", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92955" - }, - { - "name" : "1036829", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036829" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160914 Cisco Web Security Appliance HTTP Load Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-wsa" + }, + { + "name": "1036829", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036829" + }, + { + "name": "92955", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92955" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6957.json b/2016/6xxx/CVE-2016-6957.json index 5d92adcadcf2..24ca315a06c9 100644 --- a/2016/6xxx/CVE-2016-6957.json +++ b/2016/6xxx/CVE-2016-6957.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-6957", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-6957", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html" - }, - { - "name" : "93486", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93486" - }, - { - "name" : "1036986", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036986" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036986", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036986" + }, + { + "name": "93486", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93486" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7066.json b/2016/7xxx/CVE-2016-7066.json index 7680db390472..66e2b57970cb 100644 --- a/2016/7xxx/CVE-2016-7066.json +++ b/2016/7xxx/CVE-2016-7066.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "anemec@redhat.com", - "ID" : "CVE-2016-7066", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-7066", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "JBoss Enterprise Application Platform", + "version": { + "version_data": [ + { + "version_value": "7.1.0" + } + ] + } + } + ] + }, + "vendor_name": "Red Hat" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "JBoss Enterprise Application Platform", - "version" : { - "version_data" : [ - { - "version_value" : "7.1.0" - } - ] - } - } - ] - }, - "vendor_name" : "Red Hat" + "lang": "eng", + "value": "It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations." - } - ] - }, - "impact" : { - "cvss" : [ - [ + ] + }, + "impact": { + "cvss": [ + [ + { + "vectorString": "6.1/AV:L/AC:L/Au:N/C:P/I:P/A:C", + "version": "2.0" + } + ] + ] + }, + "problemtype": { + "problemtype_data": [ { - "vectorString" : "6.1/AV:L/AC:L/Au:N/C:P/I:P/A:C", - "version" : "2.0" + "description": [ + { + "lang": "eng", + "value": "CWE-266" + } + ] } - ] - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-266" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7066", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7066" - }, - { - "name" : "RHSA-2017:3456", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:3456" - } - ] - } -} + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2017:3456", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:3456" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7066", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7066" + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7143.json b/2016/7xxx/CVE-2016-7143.json index 6bc41692863c..e53ee2e92314 100644 --- a/2016/7xxx/CVE-2016-7143.json +++ b/2016/7xxx/CVE-2016-7143.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7143", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-7143", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "The m_authenticate function in modules/m_sasl.c in Charybdis before 3.5.3 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The m_authenticate function in modules/m_sasl.c in Charybdis before 3.5.3 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160904 CVE ID request: certificate spoofing through crafted SASL message in inspircd, charybdis", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/09/04/3" - }, - { - "name" : "[oss-security] 20160905 Re: CVE ID request: certificate spoofing through crafted SASL message in inspircd, charybdis", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/09/05/8" - }, - { - "name" : "https://github.com/charybdis-ircd/charybdis/blob/charybdis-3.5.3/NEWS.md", - "refsource" : "CONFIRM", - "url" : "https://github.com/charybdis-ircd/charybdis/blob/charybdis-3.5.3/NEWS.md" - }, - { - "name" : "https://github.com/charybdis-ircd/charybdis/commit/818a3fda944b26d4814132cee14cfda4ea4aa824", - "refsource" : "CONFIRM", - "url" : "https://github.com/charybdis-ircd/charybdis/commit/818a3fda944b26d4814132cee14cfda4ea4aa824" - }, - { - "name" : "DSA-3661", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3661" - }, - { - "name" : "92761", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92761" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/charybdis-ircd/charybdis/commit/818a3fda944b26d4814132cee14cfda4ea4aa824", + "refsource": "CONFIRM", + "url": "https://github.com/charybdis-ircd/charybdis/commit/818a3fda944b26d4814132cee14cfda4ea4aa824" + }, + { + "name": "DSA-3661", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3661" + }, + { + "name": "https://github.com/charybdis-ircd/charybdis/blob/charybdis-3.5.3/NEWS.md", + "refsource": "CONFIRM", + "url": "https://github.com/charybdis-ircd/charybdis/blob/charybdis-3.5.3/NEWS.md" + }, + { + "name": "92761", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92761" + }, + { + "name": "[oss-security] 20160905 Re: CVE ID request: certificate spoofing through crafted SASL message in inspircd, charybdis", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/09/05/8" + }, + { + "name": "[oss-security] 20160904 CVE ID request: certificate spoofing through crafted SASL message in inspircd, charybdis", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/09/04/3" + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7410.json b/2016/7xxx/CVE-2016-7410.json index 425e63b8fa14..a2d4c7eb09f5 100644 --- a/2016/7xxx/CVE-2016-7410.json +++ b/2016/7xxx/CVE-2016-7410.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7410", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-7410", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" + "lang": "eng", + "value": "The _dwarf_read_loc_section function in dwarf_loc.c in libdwarf 20160613 allows attackers to cause a denial of service (buffer over-read) via a crafted file." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The _dwarf_read_loc_section function in dwarf_loc.c in libdwarf 20160613 allows attackers to cause a denial of service (buffer over-read) via a crafted file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160914 CVE request -libdwarf 06/13/2016 heap-buffer-overflow", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/09/13/5" - }, - { - "name" : "[oss-security] 20160915 Re: CVE request -libdwarf 06/13/2016 heap-buffer-overflow", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/09/15/3" - }, - { - "name" : "92971", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92971" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20160914 CVE request -libdwarf 06/13/2016 heap-buffer-overflow", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/09/13/5" + }, + { + "name": "[oss-security] 20160915 Re: CVE request -libdwarf 06/13/2016 heap-buffer-overflow", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/09/15/3" + }, + { + "name": "92971", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92971" + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7486.json b/2016/7xxx/CVE-2016-7486.json index 6c09d1097f74..211f06f15a10 100644 --- a/2016/7xxx/CVE-2016-7486.json +++ b/2016/7xxx/CVE-2016-7486.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7486", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-7486", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file