Created
July 23, 2023 19:07
-
-
Save aj-stein-nist/e186d9f834754d95ef0d61782f91d45c to your computer and use it in GitHub Desktop.
NVD CVE records with CISA KEV entries from July 2023 pull
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| { | |
| "cve": { | |
| "id": "CVE-2002-0367", | |
| "published": "2002-06-25T04:00:00", | |
| "last_modified": "2018-10-12T21:31:21.067000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://marc.info/?l=ntbugtraq&m=101614320402695&w=2", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.iss.net/security_center/static/8462.php", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Patch", | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/archive/1/262074", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Exploit", | |
| "Patch", | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/archive/1/264441", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/archive/1/264927", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/4287", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-024", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A158", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A76", | |
| "source": "cve@mitre.org" | |
| } | |
| ], | |
| "source_identifier": "cve@mitre.org", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-03-03", | |
| "cisa_action_due": "2022-03-24", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Microsoft Windows Privilege Escalation Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:L/AC:L/Au:N/C:C/I:C/A:C", | |
| "base_score": 7.2, | |
| "access_vector": "LOCAL", | |
| "access_complexity": "LOW", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 3.9, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": true, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "NVD-CWE-Other" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E53CDA8E-50A8-4509-B070-CCA5604FFB21" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2004-0210", | |
| "published": "2004-08-06T04:00:00", | |
| "last_modified": "2019-04-30T14:27:13.913000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "El componente POSIX de Microsoft Windows NT y Windows 2000 permite a usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n mediante ciertos par\u00e1metros, posiblemente modificando valores de tama\u00f1o de mensaje y causando un desbordamiento de b\u00fafer." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://www.kb.cert.org/vuls/id/647436", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Patch", | |
| "Third Party Advisory", | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.us-cert.gov/cas/techalerts/TA04-196A.html", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Patch", | |
| "Third Party Advisory", | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-020", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16590", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2166", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2847", | |
| "source": "cve@mitre.org" | |
| } | |
| ], | |
| "source_identifier": "cve@mitre.org", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-03-03", | |
| "cisa_action_due": "2022-03-24", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Microsoft Windows Privilege Escalation Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:L/AC:L/Au:N/C:C/I:C/A:C", | |
| "base_score": 7.2, | |
| "access_vector": "LOCAL", | |
| "access_complexity": "LOW", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 3.9, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": true, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "NVD-CWE-Other" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:s3400:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9BFF29C7-E5AA-44EB-B1A9-602B3692D893" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*", | |
| "match_criteria_id": "4E8B7346-F2AA-434C-A048-7463EC1BB117" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*", | |
| "match_criteria_id": "BE1A6107-DE00-4A1C-87FC-9E4015165B5B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", | |
| "match_criteria_id": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:alpha:*:*:*:*:*", | |
| "match_criteria_id": "D97FA0F5-6A53-4E3A-BFCF-1AFF4B83CB37" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server:*:*:*:*:*", | |
| "match_criteria_id": "BCC5E316-FB61-408B-BAA2-7FE03D581250" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:*", | |
| "match_criteria_id": "CA7BA525-6DB8-4444-934A-932AFED69816" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*", | |
| "match_criteria_id": "90CFA69B-7814-4F97-A14D-D76310065CF3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*", | |
| "match_criteria_id": "AB6ADBAF-6EB0-4CFA-9D33-A814AC20484E" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2004-1464", | |
| "published": "2004-12-31T05:00:00", | |
| "last_modified": "2017-07-11T01:31:03.340000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://securitytracker.com/id?1011079", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040827-telnet.shtml", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.kb.cert.org/vuls/id/384230", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Patch", | |
| "Third Party Advisory", | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/11060", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17131", | |
| "source": "cve@mitre.org" | |
| } | |
| ], | |
| "source_identifier": "cve@mitre.org", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2023-05-19", | |
| "cisa_action_due": "2023-06-09", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Cisco IOS Denial-of-Service Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P", | |
| "base_score": 5.0, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "LOW", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "NONE", | |
| "integrity_impact": "NONE", | |
| "availability_impact": "PARTIAL" | |
| }, | |
| "base_severity": "MEDIUM", | |
| "exploitability_score": 10.0, | |
| "impact_score": 2.9, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "NVD-CWE-noinfo" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2E12D45E-5FF2-4794-AF72-29F388B67E8E", | |
| "version_end_including": "12.2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "BF86B641-08DC-404A-9718-F2A99C1B0889" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)dx:*:*:*:*:*:*:*", | |
| "match_criteria_id": "324E754D-D755-4987-A892-D04A0690DD80" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)s:*:*:*:*:*:*:*", | |
| "match_criteria_id": "67A304F2-D112-47B5-8859-10FF62990368" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)t:*:*:*:*:*:*:*", | |
| "match_criteria_id": "897A6F3D-9C80-4E3E-B3E3-5CA48227CA4A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xa:*:*:*:*:*:*:*", | |
| "match_criteria_id": "915157AA-15BE-4792-95D8-4D1E1EF34EB7" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xd:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F38C9EE3-1A86-4930-AEF7-EAC3A2713DF5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xd1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "742CC70E-68FB-4658-A475-E7BBC5983878" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xd3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "10CE5741-1569-4B69-B7F7-094F0C6101AA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xd4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C9B4D71A-D418-4E6B-88F7-50833C00236C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xe:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DDD14702-51AC-46B1-95A3-4AD47A4DCD21" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xe2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6FA8E55E-7E11-4D46-A1BC-B3655906FDF8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xe3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6E16ED18-4EB6-40D5-A857-6398A78693D9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xh:*:*:*:*:*:*:*", | |
| "match_criteria_id": "979D4077-A3CB-4134-B180-EF10F01413BC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xq:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C6C96C90-8B2D-4A88-A4B8-FA43332BD8D9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xs:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9C9B3920-D3F1-478F-ADE9-6022763E8740" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xs1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3BC9CF50-E0F7-4513-B7EB-A2E095D3E194" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(1.1\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "52332F68-2C6B-4226-9B36-345AD0A904E1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(1.1\\)pi:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7A1FCC6A-332A-43B9-B8D9-513D9B0DB374" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(1.4\\)s:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D13AA694-BAAF-4BE0-B900-4C2BCCCDA00E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(1b\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "CAD94AB1-0D8D-4DBE-AB1B-6AE464743E75" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(1b\\)da1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "AC4C28B5-4591-49E0-80F9-7C6059F24B46" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(1d\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "B2D6897E-33F3-409A-B874-501FFF989EE2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)b:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9FE975E4-1D07-464A-8116-69393D07C362" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)bx:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8FFF0815-8F37-4613-A54D-42D7AA299D05" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)by:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CEB420B3-E9DA-4C5A-9299-FFAB48734116" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)by2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "AFB7CEB1-84F0-405E-967A-A62B54B7CBCE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)dd3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5BA91C37-5799-4B30-97FF-76A6A84F3606" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)t:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BD6F2B76-43DA-4C2B-AA6F-C6A4BBF7DE12" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)t1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BFD6C223-10B9-4381-A4AE-77DD415B5AF6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)t4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F1A3E8C4-0E94-4027-ABDE-47A364071D1E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xa:*:*:*:*:*:*:*", | |
| "match_criteria_id": "07398411-7920-4B52-92C8-3696F49370B2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xa1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "371FA715-3966-4071-961F-12E691608DB2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xa5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3E2713E8-3E4B-4C60-9ABD-01B962A85A9C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xb:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5400D72E-CD49-41E7-BA47-33E3AB920320" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xb3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5A44418C-C041-4A98-9D1F-1E7510B9AD1A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xb4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "474FA3DA-6967-48A6-AAB4-E7C382D3C942" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xb11:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D2808EB6-5964-4931-AEE2-BE1CF503B7E2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xb14:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BB0CD136-C54F-41F9-9969-9F367921B03F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xb15:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6ABBB62E-EE60-4E80-9208-A6F5C1F80C06" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xc1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "78C39B9F-E597-473E-8297-6D1E8D9713E6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xf:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E319FE1E-8D75-4CA2-8EA9-C1C32C290891" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xg:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B82C4003-D2CD-4243-8A8D-B8A9B449D096" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xh:*:*:*:*:*:*:*", | |
| "match_criteria_id": "29056463-CDD9-4399-964E-14BDBFF760A0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xh2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "259BD3FC-FFC5-44B7-8641-917A1BF2E98C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xh3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "34F414DF-19C3-42BC-B43D-5CF60A3C0991" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xi:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E32D7BFD-EC96-464D-81CB-E9CC12C21EC0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xi1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "32421120-BCA2-4218-8CB3-C77452A69295" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xi2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B03537E8-D899-44D5-976D-A6E10FF16FF5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xj:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2C4C67B0-81D3-4430-A9F7-6F15C601693E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xj1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "520E6B5D-C163-4633-A2DC-D02335838FDA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xk:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BA145839-3DC4-41C4-96B7-88B8EE87D70E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xk2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1FC95C37-9102-45C7-813A-15A0ACFF5D5F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xn:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0F8D649D-474E-4661-A68E-517EA3563CAA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xt:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E0FEB158-215B-4C9D-8882-D44EE7F90B60" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xt3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C1BD8E31-5117-4E79-92A4-5FF08BC8BB60" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xu:*:*:*:*:*:*:*", | |
| "match_criteria_id": "274DF264-D0DE-46DC-A91F-DD53ACE06AAD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xu2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EC678F0D-4307-48B9-8C29-9E85DB756809" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)yc:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D917117D-CF4D-427C-8529-EB2D856E8A99" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(2.2\\)t:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BCD87D10-0406-43C0-B961-47BAA4264641" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(3\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "16EA6782-77F4-4E2B-A882-A24ACEA5776B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(3.4\\)bp:*:*:*:*:*:*:*", | |
| "match_criteria_id": "80D35309-D236-4F49-88F9-AF29574630B9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(3d\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "8A33120F-F2DD-47A6-9BA3-58989C3CF448" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "7840C1F9-C5C6-42BE-97F3-BE6F174F8C87" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)b:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3A82EDE9-A7BD-4F36-8A97-DDDDAC45D80E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)b1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8697C1FE-2EC8-4116-809D-461801FDE1A9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)b2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4181019C-3AF9-42A7-AD01-28B17AB6DE5E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)b3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8C7265E4-1EE9-45E7-AB34-9BD6AA13E51D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)b4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DB5DC2C3-1DF3-47ED-BA83-9C9FEC2FD8F8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)bc1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5B2979C5-DAF5-4A29-BD21-F6B0173574E2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)bc1a:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C8FDBABF-EDEC-4E65-925B-E4FB97FF27BA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)bx:*:*:*:*:*:*:*", | |
| "match_criteria_id": "90E26E18-5F6D-4C34-AD4D-CC69135DC9B9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)ja:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0200FB78-35ED-4CEF-A49E-52D6F8F6102D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)ja1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8BCFAA1B-DDCC-4E2E-B9BF-B51E0B5710F1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)mb3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "213AB5CB-DB2C-4939-94D7-E211AD817FA1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)mb12:*:*:*:*:*:*:*", | |
| "match_criteria_id": "76A1F18F-77EB-4BE9-AFF4-00187613E5FC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)mx:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FAEC62C5-DEAD-45A2-8339-EDA980833ED8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)mx1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "86D1C216-F510-48C6-9065-708408D8CE1B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)t:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8330DE9E-EF94-4402-9B3A-AA876F9F0035" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)t1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9934E886-22CD-489D-B90B-FD23B6A2D722" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)t3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "51DD991F-682A-43E5-9BED-58F524616A9A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)t6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BEA2B86D-05A1-4F17-903C-5E14A98493A9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)xl:*:*:*:*:*:*:*", | |
| "match_criteria_id": "AEB4D744-B7FA-41E4-8272-BC71C413BAA9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)xl4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "06997F81-3A97-44C3-84B4-0868E0D20CAD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)xm:*:*:*:*:*:*:*", | |
| "match_criteria_id": "52EA73E8-D40C-4E1D-94E9-E6FA63D7C253" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)xm2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4478DFE6-341F-410D-967E-EFF8B67A2E80" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)xw:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D79D38C9-271A-433C-9BED-C4893C2B0260" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)xw1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5507D5CE-F07A-4BAA-96E6-96A67F4C0A3B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)ya:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1119AC22-9A4E-468D-A9A4-27A4C9191F91" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)ya1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "35A326CF-ED69-44A6-B7BC-3DCCC2A1766C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)ya7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A76FBC72-6021-4535-8CD1-DD4208FD9CAD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)ya8:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6D992EE7-4F7F-413F-9E4B-A7722249A74D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)yb:*:*:*:*:*:*:*", | |
| "match_criteria_id": "15DF8F59-0C88-4E38-B9A5-12293A2FE722" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(5\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "CC6829DD-33EA-40CE-A01B-EAA7667CBDF1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(5\\)ca1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "65C9A347-8EB3-4651-B7F4-BBE72E87B6DB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(5d\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "6F327B39-CCBA-4B2F-A083-CEEB625BD836" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(6.8\\)t0a:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3AC7DFB1-014D-442E-B6B1-400B1F4BBDD0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(6.8\\)t1a:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C289616B-36BA-440E-8380-5523844C2C5C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(6c\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "B858AB50-2EC6-4820-801B-5EAB72A0F947" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(7\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "87CED27A-7885-4D42-8A91-128BD76EF585" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(7\\)da:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A057D34A-C0E0-4DA1-8E51-2E7C2572D28A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(7.4\\)s:*:*:*:*:*:*:*", | |
| "match_criteria_id": "33AFA64E-4181-4751-B93E-EC067C97FC8C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(7a\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "A65C0314-7816-40C4-9950-1B40740204E5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(7b\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "84CAE9D3-209C-4663-BD5E-424928E152F0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(8\\)bc1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9D67FDB9-FA6C-41F7-ACA0-AA04066B92F9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(8\\)ja:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D359AB74-8958-477E-8B97-F5A1FC3BDC76" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(8\\)t:*:*:*:*:*:*:*", | |
| "match_criteria_id": "402CF7F0-EC7B-474C-98F5-F9FA3486E45A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(8\\)t10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7BBE9430-02C3-41AE-899D-8935F3EF215E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(8\\)yd:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A331B245-2FFC-41AE-9E17-61F6E9AD002C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(8\\)yw2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "139DE650-5861-495E-9B87-6C9B68AA5233" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(8\\)yw3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F3A7C0DB-63E2-447A-A66C-1F7419F1EB3D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(8\\)yy:*:*:*:*:*:*:*", | |
| "match_criteria_id": "70E5F20E-18F9-4108-AB48-E9A4DBB230B2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(8\\)yy3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C91D2A28-D85D-4F62-92ED-11317A9C5947" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(8\\)zb7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5AF4480F-6C08-43B0-92C5-3FE07B5E09D8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(9\\)s:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4F575CA7-9875-4582-B9E0-446DE7227073" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(10\\)da2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "55396406-FB71-46A6-9CDF-27F041605097" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(10g\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "21E013BC-9F5F-4209-9588-1A3CDB017659" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)bc3c:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6B059AD2-3215-4647-B4A6-AC9642E5623E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)ja:*:*:*:*:*:*:*", | |
| "match_criteria_id": "665CB7BC-E97E-4461-B83B-681047A6EEAB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)ja1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3F7E536B-DD9A-4F46-B8C1-F29DC3298972" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)t:*:*:*:*:*:*:*", | |
| "match_criteria_id": "92A9D069-4C88-4BE1-92E3-8A7056DD8825" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)t2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F4E735E1-79B9-4FB3-B994-63D15AF6DBF4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)t3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7861C0AC-51C3-40F4-8D72-061153D71E64" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)t8:*:*:*:*:*:*:*", | |
| "match_criteria_id": "35B57355-CE86-4605-9123-15B1445C226D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)t9:*:*:*:*:*:*:*", | |
| "match_criteria_id": "617CC100-06BA-4916-A2FA-EA91049DED27" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)yp1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F60222E3-B02F-44B8-9E64-DB8AE3BFAEC4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)yu:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4B52D7F7-AC13-42FF-BBDC-FFF4A25DFD54" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)yv:*:*:*:*:*:*:*", | |
| "match_criteria_id": "574C686D-F7B6-42F5-BBE6-AAA61425DF2F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)yx1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "62A62D04-0DD5-456D-8C13-88A0DD3E1FC2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)yz2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CD2FDA81-E862-45C4-BB48-152BB4C33BB2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(12\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "F3568B82-1112-417F-8F2A-ADAC7BE9D0D5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(12\\)da3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CA67A2F1-F728-4776-AC96-0FB1C0326572" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(12.02\\)s:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E06B7024-F66C-4642-8BDB-5D88B66902DC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(12.02\\)t:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C8BA5828-6F26-4F92-9B22-C1A403D34D85" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(12.05\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "B0DDBD22-6C29-4275-9BB6-0F9E7717D382" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(12.05\\)s:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4569DDA0-1961-4CF2-ADBB-055144B6DDF1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(12.05\\)t:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7A8BF6E5-BA09-4EBE-9C06-28CD8397AF69" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(12b\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "FD9B22DC-353D-437E-B648-CFB39D6D34BD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(12c\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "DA8EA12C-A99D-4FE3-B18F-715D49764320" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(12g\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "9B7CC6B5-44B7-4DCA-86C8-F032AF65FDAC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(12h\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "208A52BF-BAE3-4F5F-9279-88C360FDCBC5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(12i\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "8F081454-D139-4630-BCCB-172303F78DF0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "E926A720-D79D-4A81-8E28-137CE36C4995" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)ja1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2FB70336-4345-4B02-98A9-A8F1A16657C0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)mc1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0E5B6FEA-3AD4-4401-96F6-8DC986D6509F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)t:*:*:*:*:*:*:*", | |
| "match_criteria_id": "59169A2A-FC3D-4C62-BD1A-F6AB7653BC23" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)t1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EB000AC6-C4C6-481E-A75C-7AA81BFAEE10" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)t9:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DFE016D9-FA6A-4FF3-9B18-7CBC37CEB136" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)zc:*:*:*:*:*:*:*", | |
| "match_criteria_id": "37DA4E81-4BE9-42FD-AA1E-E99FE7817FFB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)zd:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F6F77A78-FFCE-4BD5-A027-A3AE81AE4C69" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)ze:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D71C31AB-60C5-41D3-9C28-E11D8C87BA15" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)zf:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B4F26995-8997-4665-B277-42119A370FED" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)zg:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F2F5E02F-2EDF-4C24-8279-5602638E0E26" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)zh:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C9585CFD-C563-4D76-A606-6C629B0BA12C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)zh3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D193A196-05E1-4143-961B-E8100C7A7323" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)zj:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C3BAAAC5-FD95-48C1-9834-A0BD5BB16699" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)zk:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A47C78ED-4BEA-4DC9-8FF4-11DD8803AAB7" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)zl:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E4CE1FD8-530B-4530-9109-76F852C196FA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(13.03\\)b:*:*:*:*:*:*:*", | |
| "match_criteria_id": "64098AE7-DEB7-4D7B-801A-AF624C9E00FA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(13a\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "02879682-3521-4E10-95C7-4F3C3B488B04" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(13e\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "20087BA2-1C64-4741-BF0B-7DF45DCC9364" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)s:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1B721725-3499-4653-8489-A0337FE08215" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sx1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "77C60F5A-0478-4CF1-B621-4B747DD02A77" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CD1F4148-E772-4708-8C1F-D67F969C11DA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3CEBCEF0-5982-4B30-8377-9CAC978A1CB0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy03:*:*:*:*:*:*:*", | |
| "match_criteria_id": "936E22FD-5210-46F7-89E5-5458A9C58F77" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sz:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C6D9BA55-F193-4BCA-ACC2-BBC892E9D7E4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sz1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "46974023-379B-4475-A59F-BD340043CFAC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sz2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D71C21E1-BC04-4537-B64D-76492F282B76" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)za:*:*:*:*:*:*:*", | |
| "match_criteria_id": "26835676-2738-47CB-A364-78D1964FEC4D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)za2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "209A1BE7-EEFC-476E-84E4-4EFD68DD7E81" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)za8:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9B9BF07C-DB46-4646-A11D-FFC5C13D6387" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14.5\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "9802FF68-2932-42F6-B66F-545A59FB5EB7" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14.5\\)t:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0E51D01E-F3CB-4413-985E-D72F71D7B423" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)b:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7F3DF4A1-DF61-46CB-AFF5-9B7DD6F93317" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)bc:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EA8421C4-3CB5-40B8-AB20-5E883FAC276C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)bc1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D9CDFBF7-D393-42F5-89A8-482459A426A1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)bx:*:*:*:*:*:*:*", | |
| "match_criteria_id": "864B17DA-90A8-40F0-8885-3F9E47589131" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)bz:*:*:*:*:*:*:*", | |
| "match_criteria_id": "31E2E42C-DB5E-4534-9BE5-E2717E96C784" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)cx:*:*:*:*:*:*:*", | |
| "match_criteria_id": "32737FE9-2E17-4DA9-B3DD-6B5A4CBE2C40" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)mc1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5C02477E-BBB9-49A2-94CC-9457DC928EB4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)sl1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E5B71B83-3E4E-4ADE-97CE-F72B52E41BB2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)t:*:*:*:*:*:*:*", | |
| "match_criteria_id": "284DFE38-63FE-45CC-8CF7-B84050674EBA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)t5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9A424753-62C6-466F-BD19-047A1611A4FC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)t7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C1A353C2-69AE-4343-A6FF-E0736836EAD1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)t8:*:*:*:*:*:*:*", | |
| "match_criteria_id": "56E5E477-2236-45DC-900E-75FAB2E7DFE6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)t9:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A67A7F96-5B78-4466-B5D4-3811C6DE7A1D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)ys_1.2\\(1\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "882715D1-D669-4107-A39F-41C27084B2E5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)zj:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FE530211-6ECF-4881-A069-826E0737CE5E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)zj1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2C5C18D0-B516-4F5A-AB43-B3D5FBB14202" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)zj2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0CB1FC76-DFCC-4F06-A320-82C27A502B07" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)zj3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C17E0E7D-E7C0-434D-9142-F8A93BF63FCF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)zk:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C81871C3-7AB6-41A1-BECF-2F34ED208E5E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)zl:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9FFB25CF-C329-46A0-A404-36D951C7A0B8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)zl1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D6CD80CB-7E2D-4DC0-A84E-D9E1ADFA141F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)zn:*:*:*:*:*:*:*", | |
| "match_criteria_id": "776DCDA0-839D-4EA2-8C0C-D28E897C1E71" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)zo:*:*:*:*:*:*:*", | |
| "match_criteria_id": "55827F80-F1A1-4538-85C0-069413E3DB80" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(15.1\\)s:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2C4B7EF3-FD99-4CCD-B05A-807EE53A58BE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(16\\)b:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CF6730C6-1387-4A52-8778-7FC144134AC6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(16\\)b1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4D461538-0218-40E9-A74A-9982E4075485" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(16\\)bx:*:*:*:*:*:*:*", | |
| "match_criteria_id": "79433418-CB13-4F11-B606-3D804926BB43" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(16.1\\)b:*:*:*:*:*:*:*", | |
| "match_criteria_id": "AB1A7354-F886-427D-943A-388824100550" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(16.5\\)s:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A0C0B5AD-229E-4406-A5E6-190067352BBD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(16f\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "680AC7AF-998A-4584-8087-9409A7407AFB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(17\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "D298FE2E-227C-4385-9DFA-55A2D5C04E02" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(17\\)a:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DCF5B18A-3F59-4CED-BADD-6C7E41E2A28A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(17a\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "2A28E43B-9153-4491-AA25-0011732C6E4A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(17a\\)sxa:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CE7F49F3-0A0A-4270-A657-CDE987637684" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(17b\\)sxa:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5BC22162-36D7-43C0-966C-2DD62CA1DD6A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(17d\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "3514C99A-95B8-4827-A9D4-E8E851D7FB2D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(17d\\)sxb:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E947BE8B-DB42-45E9-89E9-2E42DF6242F3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)ew:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9E49B392-5366-422D-A10E-EE4F3A33C4B9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)s:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2D0E67EE-AF42-4B53-B70A-45562CE164D0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)se:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9E319ADC-C636-4933-BD50-B613677AD4C0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)sv:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1A15042D-EB07-4754-8144-947CDE669CAE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)sw:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E58F4903-E834-4476-876F-8C144BD93D4A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(18.2\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "C20E75F7-CEF6-4985-942D-F054879C312D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(19\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "532987C6-8D68-40B0-ABB3-236C49A63D31" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(19\\)b:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9045CACC-F1AE-4924-94FE-825DE629C415" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(20\\)s:*:*:*:*:*:*:*", | |
| "match_criteria_id": "10151339-0261-4F5D-9601-F048C0B70908" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(20\\)s1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2498113D-65B7-4144-AD1C-9FCB6534B7BD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(20\\)s2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "84685E46-066D-42B4-8800-7D529AFC4FAC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(21\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "9324BF58-67E2-410D-AA71-F280B3D64498" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(21a\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "060D7CA2-0A02-49E3-BCFB-EFE7F6EC08F6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(21b\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "D3AAE391-8039-4BCA-851E-CC3992BE7F75" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(22\\)s:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2B20E6F8-5E33-4F24-BB8B-8B61E39C01E1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(23\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "947062EE-A5CF-4A7F-8EF7-921F45118268" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(23\\)sw:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2C78ECAE-978F-4DDE-83D4-DCF4ECC20EAE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(23.6\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "24044D5B-B73A-4873-A36E-E35B8A6AB087" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(23a\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "04D1C25C-1BED-41F9-8CCC-044065B7572A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2\\(24\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "2F4E83FE-4A5F-49A1-B6E5-B39171AA8825" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2b:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E314B0F7-1A27-483E-B3B3-947A5561281F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2bc:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A3EF2531-3E6B-4FDC-B96B-2BC3F8EAF39A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2bw:*:*:*:*:*:*:*", | |
| "match_criteria_id": "05B838C9-E60E-46A3-A5FB-4F67291D0851" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2bx:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2B29F111-CBA4-464D-8B25-C2677BA270EC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2by:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E96C76C5-52BA-45D9-9803-048E770BAA84" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2bz:*:*:*:*:*:*:*", | |
| "match_criteria_id": "42EB3A6A-8B37-47E6-AA9B-1B13FC08F542" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2cx:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F4BA2D6E-FD22-4BFD-B8B4-D6542E173C72" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2cy:*:*:*:*:*:*:*", | |
| "match_criteria_id": "78B9E2C6-0E23-4AC9-906F-28BBC15868DB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2da:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7B7EA3DA-33B3-4480-B3B8-413745D6C5FE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2dd:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BDC41749-91FC-43DB-A52F-AC3E3A2205C7" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2dx:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EE0195AE-24FD-43B2-892B-F646B8B5ED6A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2ew:*:*:*:*:*:*:*", | |
| "match_criteria_id": "316924D4-10D4-4C98-AF05-DDE1D530A205" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2ja:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B98E703A-717D-4997-AFBC-CAE4B644025D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2jk:*:*:*:*:*:*:*", | |
| "match_criteria_id": "01A0A03A-5BFE-4A15-A983-B3EB8EE6B25A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2mb:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6B27825D-099A-4733-8D3F-8EF2B050E5B5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2mc:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D3A63E2B-8C1B-4EF7-BCDD-BBF3EC2C7113" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2mx:*:*:*:*:*:*:*", | |
| "match_criteria_id": "ED8A1FE0-F74A-4C92-8625-7C933128B567" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2pb:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CB3BD76F-F93A-4902-B4F6-4D9231C29EDF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2pi:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2AD6BA55-0A6B-4981-AA70-4D1FDD49B996" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2s:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2D035A35-D53E-4C49-B4E4-F40B85866F27" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2sa:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3CC41CCD-96B0-493D-B206-37773FD65388" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2se:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F05A548B-C443-4C15-B636-64C1F9B9860D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2su:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FC70491B-F701-4D33-A314-C686469DBD2C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2sv:*:*:*:*:*:*:*", | |
| "match_criteria_id": "198C24E9-6D45-44FD-B502-D14ACDA99EDA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2sw:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5DEF14D5-1327-4012-913F-DA0E12C4E953" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2sx:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4DE0B5B8-DEB1-4021-B854-177C0D9FD73A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2sxa:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E7A672BD-87AE-424D-8735-073BBE9CE164" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2sxb:*:*:*:*:*:*:*", | |
| "match_criteria_id": "95C033E3-184B-4AC1-B10D-8318FEAF73FB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2sxd:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FC1DDD7C-7921-45D3-81F7-4D9A407CBB5B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2sy:*:*:*:*:*:*:*", | |
| "match_criteria_id": "09458CD7-D430-4957-8506-FAB2A3E2AA65" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2sz:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6E709D6B-61DB-4905-B539-B8488D7E2DC0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2t:*:*:*:*:*:*:*", | |
| "match_criteria_id": "84900BB3-B49F-448A-9E04-FE423FBCCC4F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2xa:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EAC6758B-C6EE-45CB-AC2D-28C4AE709DD4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2xb:*:*:*:*:*:*:*", | |
| "match_criteria_id": "075CD42D-070A-49BA-90D9-E7925BB41A38" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2xc:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DCB9967A-1EBD-4BE0-8651-1C7D42B2BF4E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2xd:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4AB8E66C-A16F-4CC5-9FDF-AE274FF035EB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2xe:*:*:*:*:*:*:*", | |
| "match_criteria_id": "746DDC61-3981-4E93-A7EE-C120E0265485" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2xf:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FCC88CC5-CF58-48A3-AFB6-FD38E5F40845" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2xg:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5AF2C6C2-58E8-4EA6-84FB-4D11F31490A3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2xh:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4628FDA0-4260-4493-92C9-4574E5EC06A2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2xi:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F9FA064A-6E1A-4415-84D4-1A33FF667011" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2xj:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EE896909-F8C3-4723-B5E7-9FB5FA2B73B6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2xk:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9F9CDCE5-F6D3-4FA3-ADA0-EED2517FF7EC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2xl:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7E03EE34-C398-43B4-A529-BE7BAFA4B3C3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2xm:*:*:*:*:*:*:*", | |
| "match_criteria_id": "21147732-FA22-4728-B5F2-D115B78A8EDB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2xn:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4D717498-4DF9-4D15-A25B-D777FF460E3A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2xq:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4B40548F-3914-4227-9E4C-F1B34071C069" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2xr:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C1C23EC9-C1C6-4F73-9FF5-24A5B97B8D91" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2xs:*:*:*:*:*:*:*", | |
| "match_criteria_id": "ECE49281-0571-49F7-95FF-68B1ACA07537" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2xt:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9B09B72E-6862-4115-9A0B-574089A94289" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2xu:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EC38B64C-E246-467F-A185-669497DEA839" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2xw:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6E5C90EE-A9C0-461C-9E89-732BFA9BD066" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2ya:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E74B6350-C2F8-4786-8E32-2ED6C188A5E6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2yb:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F8E26473-A8EF-44C5-B550-5E0B86D31291" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2yc:*:*:*:*:*:*:*", | |
| "match_criteria_id": "663FE3CE-FA09-46A2-9C0D-2797D9137A82" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2yd:*:*:*:*:*:*:*", | |
| "match_criteria_id": "86309E93-F2C9-4334-9A1C-989EFDC99215" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2ye:*:*:*:*:*:*:*", | |
| "match_criteria_id": "761D49D6-0624-41CE-829E-49E7EA679EF3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2yf:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9BFAF394-6E9A-4CD6-B8A6-5BDDE4EC8EC4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2yg:*:*:*:*:*:*:*", | |
| "match_criteria_id": "65318A70-40FF-4BE8-962B-DFCD5C476166" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2yh:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8B6DB954-EDC8-4A81-8C26-9D3DBC68FC67" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2yj:*:*:*:*:*:*:*", | |
| "match_criteria_id": "552C1E7A-2FFA-49BC-BF09-F0DE9B0C7502" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2yk:*:*:*:*:*:*:*", | |
| "match_criteria_id": "869CEAF7-59D6-4651-8D89-0244D6C430A2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2yl:*:*:*:*:*:*:*", | |
| "match_criteria_id": "059FBAA6-3127-4DF9-99AD-AA3A16317B6D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2ym:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0E0E376F-64E1-4632-9A8E-11DC99FB245F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2yn:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BF440B52-C6AE-4608-BE71-01B354D37BEE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2yo:*:*:*:*:*:*:*", | |
| "match_criteria_id": "243BEF5E-F693-450E-B274-FD7CF34B6771" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2yp:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E7918C59-1678-4F24-A7C2-68824D1B59A5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2yq:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DE72804E-600D-47FA-B3BF-36BD3CF13A75" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2yr:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DAD14B6D-CA11-41C1-9382-70CF1F5B4C8C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2ys:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7F5B9BAF-59BA-4282-B387-489264D44429" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2yt:*:*:*:*:*:*:*", | |
| "match_criteria_id": "969A5BAA-19D5-4411-BABB-FE55DBA7C7D7" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2yu:*:*:*:*:*:*:*", | |
| "match_criteria_id": "54B41182-7AA8-49D1-BAC3-EAF312E43553" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2yv:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E11BBB83-147B-4FBF-B263-77FCCFB2D92D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2yw:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2E84677D-793D-44C5-80E9-FC29C3183278" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2yx:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E70E5B1F-E72C-4DAB-B6FA-977EF04BFBDA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2yy:*:*:*:*:*:*:*", | |
| "match_criteria_id": "ECFA2358-6B79-472D-9092-FF99DC3DF042" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2yz:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A3C26842-FF50-436F-8DB6-15A70082CD1C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2za:*:*:*:*:*:*:*", | |
| "match_criteria_id": "62626BB6-D4EA-4A8A-ABC1-F86B37F19EDB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2zb:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9384B48D-0F62-4042-BE8F-9A8F5FE9A3D0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2zc:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F4A31301-AAB0-4744-98B2-695D88798D9D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2zd:*:*:*:*:*:*:*", | |
| "match_criteria_id": "ECB4BA74-BE9F-43D5-9D0F-78F4F2BB19B8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2ze:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0CEB27CF-46B5-4780-964C-C31193614B74" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2zf:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0F1094F9-7222-4DE0-A368-7421ABA66E3C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2zg:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6C7EA2BB-A52A-438C-8EB5-CD283CACBACE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2zh:*:*:*:*:*:*:*", | |
| "match_criteria_id": "574FFD6F-D56C-41DB-A978-E501BA3CA5D8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2zi:*:*:*:*:*:*:*", | |
| "match_criteria_id": "41E5674D-D1D3-4597-8105-F787465E00A9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2zj:*:*:*:*:*:*:*", | |
| "match_criteria_id": "11790F38-3720-45CF-9FD4-A8E5867684D3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2zk:*:*:*:*:*:*:*", | |
| "match_criteria_id": "00462296-DF61-4438-818D-C240BFFCCD71" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2zl:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4AE2282B-6693-4E4B-8662-501EBC14CD9E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2zn:*:*:*:*:*:*:*", | |
| "match_criteria_id": "56365432-1E57-4D35-B764-DDDA878B96ED" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2zo:*:*:*:*:*:*:*", | |
| "match_criteria_id": "390755B3-30B7-4086-8FB2-A41614F747D8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2zp:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A925BA5C-AB2F-4B73-BA93-55664A319CAD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.2zq:*:*:*:*:*:*:*", | |
| "match_criteria_id": "94E748F5-FA9B-4627-AB30-5414A2952ADB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0668C45B-9D25-424B-B876-C1721BFFE5DA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(1a\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "6C2928F8-6C6B-4C3F-BBE7-EAE8A0C47E77" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(2\\)t3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "19940BFF-0888-4717-AC5F-87A85BE165A5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(2\\)xc1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9E5A2A58-D7B2-4018-BAAE-D6CB49A3A709" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(2\\)xc2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1C268494-F83A-488D-AEE6-AF7D319B6F64" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(2\\)xc3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "484207D7-0AC2-48B6-B86F-182651B6BBB3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(3e\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "40DD5508-B8BF-435C-B316-42FEDDDBA859" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)eo1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8FF2F9E9-AA00-4A78-A32C-14CAA1C171A8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)t:*:*:*:*:*:*:*", | |
| "match_criteria_id": "68BCC003-3F88-4369-A387-6B8D0FDFBE32" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)t1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8DD45AA0-EEE1-43FF-B04D-4063769D71AB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)t2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7873D1DB-80D0-4076-8716-7618D7161EE2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)t3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DF292613-B9BC-4CF1-A6FA-4AFC077D8632" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)t4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "208EF5CB-8131-443A-928B-391104DC1C26" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)xd:*:*:*:*:*:*:*", | |
| "match_criteria_id": "23B1AF9D-106A-43CB-972C-5E85ADFC355D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)xd1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "25C6BBA6-8D45-4BA7-B88E-44D9ECE88009" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)xd2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C1D460AE-3B86-4178-A9D4-172AD4AF1DF5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)xg1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A6DFEF95-E48F-4586-9D70-89C192FD21E8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)xh:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6BC5ED4F-1905-4EAA-8AFF-BC50B879725C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)xk:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F672CDF2-ACC2-485E-89C6-42E47974C8C0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)xq:*:*:*:*:*:*:*", | |
| "match_criteria_id": "67151B56-DD5F-4384-9651-FA927CE73D08" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(5\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "8CF0189B-964F-46EC-BE5F-8076CFE7AB8F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(5\\)b1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "691E3441-AF70-4959-BBA0-60F5328F8FF9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(5a\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "53430E70-FBAD-42F7-8614-7AB04E566810" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(5a\\)b:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B670057C-7A86-4F61-8FF5-88E6BFE2B5F1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(5b\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "4403BFFB-8A89-4512-8030-5DEDC0C0FF93" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(5c\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "DE38549C-107E-4350-90F2-BA928E3872AB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(6\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "2D9B4FE3-7A03-430F-AE68-743559D74DEC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(6a\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "6F5C4FD2-E4BC-447D-8B3B-0248BFBE9121" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(7\\)t:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1BEADF66-3434-41E0-9527-4D97F1836A76" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(7.7\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "5719F49C-0BCC-40F9-825A-4C3C9D4D2239" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3\\(9\\):*:*:*:*:*:*:*", | |
| "match_criteria_id": "21837255-F23B-488A-A9FB-ED984020147D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3b:*:*:*:*:*:*:*", | |
| "match_criteria_id": "292F6F99-19B3-4106-A432-5DE916CCDD56" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3bc:*:*:*:*:*:*:*", | |
| "match_criteria_id": "40183EF8-BD19-49AD-9E55-7FCCA635327F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3bw:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B8E40D5D-F46E-4098-A46A-1A52A343310D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3ja:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D73E5138-016A-48EC-A367-3D3285AAFED2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3t:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C0C3B413-76F7-413B-A51F-29834F9DE722" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3xa:*:*:*:*:*:*:*", | |
| "match_criteria_id": "84C89CFF-64BB-4058-9C49-C6BF3E5D8DB2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3xb:*:*:*:*:*:*:*", | |
| "match_criteria_id": "ACB3B5E3-BDEE-4F29-AB02-BBFC6088D77E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3xc:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A9F12741-69FB-46DD-A670-8461492B338A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3xd:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7EC2D158-6174-4AE8-83DA-125B072B6980" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3xe:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A5688D88-A550-43EB-8854-2E132EC71156" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3xf:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8218E2D3-4F1E-440F-A2B2-A68D4692BB17" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3xg:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6BE2132D-CF21-49F1-BC66-FA6CDB6D72BD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3xh:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E2E3044F-3CE8-4970-9A7F-FDF555F622A6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3xi:*:*:*:*:*:*:*", | |
| "match_criteria_id": "AA212293-7BAF-4AD9-BD30-E953CBA7CB95" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3xj:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CEF3B2A9-027B-4141-B0FB-D31A2C918CF1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3xk:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1018E04C-5575-4D1A-B482-D1CDB9AD6A50" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3xl:*:*:*:*:*:*:*", | |
| "match_criteria_id": "68FC4904-1F4D-4E10-AF95-911B07827598" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3xm:*:*:*:*:*:*:*", | |
| "match_criteria_id": "AB57AAA9-4715-468F-A734-A12209A6069F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3xn:*:*:*:*:*:*:*", | |
| "match_criteria_id": "480D480A-80A3-4113-A1A6-194A8DD47F65" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3xq:*:*:*:*:*:*:*", | |
| "match_criteria_id": "86B9E611-3F06-424C-96EF-EE4997C70AB9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3xr:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E0A5760A-9FFE-4941-B2BD-7DD54B1E1B37" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3xt:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1A310F30-F94D-4A70-94BD-6B94D7B5F5B4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3xu:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FB74F350-37F8-48DF-924E-415E51932163" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios:12.3yd:*:*:*:*:*:*:*", | |
| "match_criteria_id": "520304A4-EB15-42A8-A402-8251A4D2076D" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2005-2773", | |
| "published": "2005-09-02T23:03:00", | |
| "last_modified": "2017-07-11T01:32:59.097000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://marc.info/?l=bugtraq&m=112499121725662&w=2", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/advisories/9150", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/14662", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21999", | |
| "source": "cve@mitre.org" | |
| } | |
| ], | |
| "source_identifier": "cve@mitre.org", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-03-25", | |
| "cisa_action_due": "2022-04-15", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "HP OpenView Network Node Manager Remote Code Execution Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:L/Au:N/C:P/I:P/A:P", | |
| "base_score": 7.5, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "LOW", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "PARTIAL", | |
| "integrity_impact": "PARTIAL", | |
| "availability_impact": "PARTIAL" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 10.0, | |
| "impact_score": 6.4, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": true, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "NVD-CWE-Other" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:hp:openview_network_node_manager:6.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E8E17259-60C7-4F6B-AB23-06E406FA006D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:hp:openview_network_node_manager:6.2:*:nt_4.x_windows_2000:*:*:*:*:*", | |
| "match_criteria_id": "F4272ED1-E1E5-459B-A23B-856EB3ABA5B1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:hp:openview_network_node_manager:6.2:*:solaris:*:*:*:*:*", | |
| "match_criteria_id": "7AFA3EFE-52A0-42F5-BB6D-498572EF3E28" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:hp:openview_network_node_manager:6.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E8A2AF84-E59A-4725-85E6-D2AF56F97F8E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:hp:openview_network_node_manager:6.4:*:nt_4.x_windows_2000:*:*:*:*:*", | |
| "match_criteria_id": "4477BE83-EB63-4FDA-BD19-E4AEC1612064" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:hp:openview_network_node_manager:6.4:*:solaris:*:*:*:*:*", | |
| "match_criteria_id": "4DFF053D-CF87-42E4-B89A-B0746F23B8BD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:hp:openview_network_node_manager:6.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1E441789-E4C5-4D40-A0BE-1A20F5F90A4B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:hp:openview_network_node_manager:6.31:*:*:*:*:*:*:*", | |
| "match_criteria_id": "87DF6D25-9B6E-4862-9252-92C8DB6F3F9F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:hp:openview_network_node_manager:6.31:*:nt_4.x_windows_2000:*:*:*:*:*", | |
| "match_criteria_id": "E804E008-D8D3-482B-B187-3B1E2DAFFFAD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:hp:openview_network_node_manager:6.41:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D24CCB02-FFFE-448B-AF31-D9AC39443552" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:hp:openview_network_node_manager:6.41:*:solaris:*:*:*:*:*", | |
| "match_criteria_id": "99853806-F161-4836-82B7-BDC31D1BFDEA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:windows_2000_xp:*:*:*:*:*", | |
| "match_criteria_id": "38A50881-F10A-48BB-94A4-E10FDB55E358" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:hp:openview_network_node_manager:7.50:*:*:*:*:*:*:*", | |
| "match_criteria_id": "725DA559-EE1C-4CCE-91C4-D5AAA940D855" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:hp:openview_network_node_manager:7.50:*:solaris:*:*:*:*:*", | |
| "match_criteria_id": "5D10C46A-E776-4483-A0CC-788DED4AEF15" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:hp:openview_network_node_manager:7.50:*:windows_2000_xp:*:*:*:*:*", | |
| "match_criteria_id": "C89C6856-542F-4140-8EE6-30DC4800E15D" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2006-1547", | |
| "published": "2006-03-30T22:02:00", | |
| "last_modified": "2017-07-20T01:30:41.647000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to elements in the CommonsMultipartRequestHandler implementation and BeanUtils." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://issues.apache.org/bugzilla/show_bug.cgi?id=38534", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://lists.suse.com/archive/suse-security-announce/2006-May/0004.html", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://securitytracker.com/id?1015856", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://struts.apache.org/struts-doc-1.2.9/userGuide/release-notes.html", | |
| "source": "secalert@redhat.com", | |
| "tags": [ | |
| "Exploit", | |
| "Patch", | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/17342", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2006/1205", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25613", | |
| "source": "secalert@redhat.com" | |
| } | |
| ], | |
| "source_identifier": "secalert@redhat.com", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-01-21", | |
| "cisa_action_due": "2022-07-21", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Apache Struts 1 ActionForm Denial-of-Service Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:C", | |
| "base_score": 7.8, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "LOW", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "NONE", | |
| "integrity_impact": "NONE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 10.0, | |
| "impact_score": 6.9, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "NVD-CWE-Other" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4839E719-F3DA-4768-BB37-B575207BEC22", | |
| "version_end_including": "1.2.8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:apache:struts:1.2.7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2FC81E1A-2779-4FAF-866C-970752CD1828" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2006-2492", | |
| "published": "2006-05-20T00:02:00", | |
| "last_modified": "2018-10-12T21:40:15.057000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, Office 2003 Sp1 and SP2, and Microsoft Works Suites through 2006, allows user-assisted attackers to execute arbitrary code via a malformed object pointer, as originally reported by ISC on 20060519 for a zero-day attack." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://blogs.technet.com/msrc/archive/2006/05/19/429353.aspx", | |
| "source": "cret@cert.org" | |
| }, | |
| { | |
| "url": "http://isc.sans.org/diary.php?storyid=1345", | |
| "source": "cret@cert.org" | |
| }, | |
| { | |
| "url": "http://isc.sans.org/diary.php?storyid=1346", | |
| "source": "cret@cert.org" | |
| }, | |
| { | |
| "url": "http://securitytracker.com/id?1016130", | |
| "source": "cret@cert.org" | |
| }, | |
| { | |
| "url": "http://www.kb.cert.org/vuls/id/446012", | |
| "source": "cret@cert.org", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.microsoft.com/technet/security/advisory/919637.mspx", | |
| "source": "cret@cert.org" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/18037", | |
| "source": "cret@cert.org", | |
| "tags": [ | |
| "Patch" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.us-cert.gov/cas/techalerts/TA06-139A.html", | |
| "source": "cret@cert.org", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html", | |
| "source": "cret@cert.org", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2006/1872", | |
| "source": "cret@cert.org" | |
| }, | |
| { | |
| "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-027", | |
| "source": "cret@cert.org" | |
| }, | |
| { | |
| "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26556", | |
| "source": "cret@cert.org" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1418", | |
| "source": "cret@cert.org" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1738", | |
| "source": "cret@cert.org" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2068", | |
| "source": "cret@cert.org" | |
| } | |
| ], | |
| "source_identifier": "cret@cert.org", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-06-08", | |
| "cisa_action_due": "2022-06-22", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Microsoft Word Malformed Object Pointer Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:H/Au:N/C:C/I:C/A:C", | |
| "base_score": 7.6, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "HIGH", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 4.9, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": true, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": true | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "NVD-CWE-Other" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:word:2003:*:*:*:*:*:*:*", | |
| "match_criteria_id": "379C2A4A-78EF-473D-954B-F5DD76C3D6CF" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2007-3010", | |
| "published": "2007-09-18T21:17:00", | |
| "last_modified": "2018-10-16T16:46:56.620000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the user parameter during a ping action." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "masterCGI en la Herramienta de Mantenimiento Unificado (Unified Maintenance Tool) en Alcatel OmniPCX Enterprise Communication SErver R7.1 y anteriores permite a atacantes remotos ejecutar comandos de su elecci\u00f3n mediante metacaracteres de l\u00ednea de comandos en el par\u00e1metro user durante una acci\u00f3n ping." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://marc.info/?l=full-disclosure&m=119002152126755&w=2", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Exploit" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.redteam-pentesting.de/advisories/rt-sa-2007-001.php", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/archive/1/479699/100/0/threaded", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/25694", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2007/3185", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www1.alcatel-lucent.com/psirt/statements/2007002/OXEUMT.htm", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36632", | |
| "source": "cve@mitre.org" | |
| } | |
| ], | |
| "source_identifier": "cve@mitre.org", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-04-15", | |
| "cisa_action_due": "2022-05-06", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Alcatel OmniPCX Enterprise Remote Code Execution Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C", | |
| "base_score": 10.0, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "LOW", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 10.0, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-20" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:alcatel-lucent:omnipcx:7.1:*:enterprise:*:*:*:*:*", | |
| "match_criteria_id": "98313BF7-A5D3-472C-B38D-D79B85110C7B" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2008-0655", | |
| "published": "2008-02-07T21:00:00", | |
| "last_modified": "2018-10-30T16:25:16.967000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "M\u00faltiples vulnerabilidades no especificadas en Adobe Reader y Acrobat anterior a la versi\u00f3n 8.1.2 tienen vectores de impacto y ataque desconocidos." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://blogs.adobe.com/acroread/2008/02/adobe_reader_812_for_linux_and.html", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://kb.adobe.com/selfservice/viewContent.do?externalId=kb403079&sliceId=1", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00007.html", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://security.gentoo.org/glsa/glsa-200803-01.xml", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://securitytracker.com/id?1019346", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239286-1", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/advisories/apsa08-01.html", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/bulletins/apsb08-13.html", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.redhat.com/support/errata/RHSA-2008-0144.html", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/27641", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Exploit", | |
| "Patch" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.us-cert.gov/cas/techalerts/TA08-043A.html", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2008/0425", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2008/1966/references", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10299", | |
| "source": "cve@mitre.org" | |
| } | |
| ], | |
| "source_identifier": "cve@mitre.org", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-06-08", | |
| "cisa_action_due": "2022-06-22", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Adobe Acrobat and Reader Unspecified Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C", | |
| "base_score": 9.3, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "MEDIUM", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 8.6, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": true | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "NVD-CWE-noinfo" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3A068220-ADFE-46F0-AE35-3355BEFEECD9", | |
| "version_end_including": "8.1.1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:3.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "465F9134-DD86-4F13-8C39-949BE6E7389A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:3.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BB041EDF-EFF8-4AA6-8D59-411975547534" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:4.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4C05F6A5-0FB3-489B-9B8B-64C569C03D7A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:4.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "AABA4FE3-662B-4956-904D-45086E000890" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:4.0.5a:*:*:*:*:*:*:*", | |
| "match_criteria_id": "998CD79C-458E-46A8-8261-1C40C53D9FA5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:4.0.5c:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0155FB0B-7FAD-4388-96C8-A8543B4FDFD9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:5.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "201F059D-33D1-4D9F-9C6F-FC8EB49E4735" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:5.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B025E795-5713-485E-8A15-EBE4451A1A46" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:5.0.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B453FA1D-0FE9-4324-9644-E167561926C2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:5.0.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FDEA946E-B6D2-463B-89D0-F2F37278089E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "183B5940-2310-4D2E-99F0-9792A801A442" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4F8BB13E-2732-4F9E-A588-EA1C00893C8B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E5FCDCBF-597B-439C-8D8B-2819FC70C567" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "440B890A-90E9-4456-B92A-856CD17F0C78" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "79BD9D8D-39DA-403E-915D-E1B6A46A6BAB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8976A7DC-1314-4C4A-A7C5-AA789D2DAB9C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "37854E7C-2166-48D7-AE8C-44C9468C38C7" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FECFC942-4F04-420C-A9B4-AE0C0590317F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F81817F2-1E3A-4A52-88F1-6B614A2A1F0A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CFFFFF0D-A80F-4B67-BEE2-86868EF7AA37" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1DC97A87-2652-4AD6-8E10-419A9AC9C245" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3E1F71AE-3591-499E-B09F-AAC4E38F1CF2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2D75174C-EBF9-4117-9E66-80E847012853" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "69B0305A-51D3-4E09-B96C-54B0ED921DA3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9762FE57-837B-4FFA-9813-AC038450EB2B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.8:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0055A38C-E421-40A1-8BC7-11856A20B8F0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.9:*:*:*:*:*:*:*", | |
| "match_criteria_id": "758CC9EE-8929-405B-A845-83BAAECCB2AD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.1.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "24A7CF98-27EC-406A-98E2-ACC1AAAF5C93" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BC1BD70D-7A92-4309-A40C-9BD500997390" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F9C17896-8895-4731-B77A-F488A94F0CBD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.1.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "21AC1961-12F7-456F-9CE4-9AAF116CF141" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.1.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DF9F1050-B6BE-4B99-882B-36D6E187304D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "26AE76F7-D7F6-4AF2-A5C6-708B5642C288" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "749FFB51-65D4-4A4B-95F3-742440276897" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| }, | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "82321E60-2553-41E2-A4F4-375CFF011C0A", | |
| "version_end_including": "8.1.1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:3.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B1C92642-7C8D-411A-8726-06A8A6483D65" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:3.01:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3CBE2E6C-AF0E-4A77-9EB0-3593889BC676" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:3.02:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4B5C5C14-383C-4630-858E-D40D6C32FD4B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F509566A-6D4A-40C0-8A16-F8765C5DCAAF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "707D7124-6063-4510-80B4-AD9675996F67" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0.5a:*:*:*:*:*:*:*", | |
| "match_criteria_id": "200FFAE3-CC1C-4A11-99AD-377D54A67195" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0.5c:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8A990E86-07C0-49E2-92D6-55E499F30FAE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6AED985D-60D7-489E-9F1E-CE3C9D985B7A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5F0FCA2F-FD7F-4CE5-9D45-324A7EC45105" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EF7EAA22-CED2-4379-9465-9562BACB1C20" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "35B1CA6B-600C-4E03-B4D5-3D7E1BC4D0F9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F7AA1BA3-9FFA-46AB-A92A-7247D5F7EA06" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.9:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3F5F7424-1E19-4078-8908-CD86A0185042" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F2402B40-6B72-48B5-A376-DA8D16CA43FA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.11:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0D968113-340A-4E5A-B4FD-D9702D49E3DC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "ACF742B8-5F7A-487B-835C-756B1BB392F4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C0BB7C0C-B1D6-4733-BA91-022A1A7FB2E2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0B131DB8-4B6A-4AF2-8D5E-B5EA1AEBFB3B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5B9351C2-16ED-4766-B417-8DB3A8766C2F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "74667860-0047-40AD-9468-860591BA9D17" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5DEA092A-5532-4DCC-B43D-7A8ECF07FA4C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9628AFF9-6EE1-4E85-858F-AE96EE64B7F4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B95511FD-C8F1-478F-B6DF-1D0E068845D3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6E2D0266-6954-4DBA-9EEE-8BF73B39DD61" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "24262AFA-2EC8-479E-8922-36DB4243E404" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F1E62096-08B2-4722-A492-11E9A441E85B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C5370AC6-90EE-48EA-8DBD-54002B102F7C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C36D10A8-D211-437D-98D8-9029D0A9CF8B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BA55D00C-3629-48E4-8699-F62B8D703E02" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0EE5E1B7-7B91-4AE1-92AA-4F1763E1BA1E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "623324C2-C8B5-4C3C-9C10-9677D5A6740A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.8:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B8EAF5E3-F3B4-4AD3-B5F1-281AB0F9C57F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.9:*:*:*:*:*:*:*", | |
| "match_criteria_id": "634396D6-4ED6-4F4D-9458-396373489589" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.1.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9A265869-EF58-428E-B8BB-30CABCBE0A83" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "ADB421CD-85DE-4495-93B7-46708449AE27" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "32049561-270C-4B18-9E96-EA0F66ACECAA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.1.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5491D310-E1C0-4FCB-9DCA-97CA1F95D4BA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.1.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1976F77D-D8D2-4107-A1C4-05D776A02FAE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "996EB48E-D2A8-49E4-915A-EBDE26A9FB94" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "97E20936-EE31-4CEB-A710-3165A28BAD69" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2007-5659", | |
| "published": "2008-02-12T19:00:00", | |
| "last_modified": "2017-09-29T01:29:40.190000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: this issue might be subsumed by CVE-2008-0655." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "M\u00faltiples desbordamientos de b\u00fafer en Adobe Reader and Acrobat 8.1.1 y anteriores permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de ficheros PDF con argumentos largos de m\u00e9todos no especificados de JavaScript.\r\nNOTA: esta cuesti\u00f3n podr\u00eda ser subsumida por CVE-2008-0655." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=657", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://security.gentoo.org/glsa/glsa-200803-01.xml", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239286-1", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/advisories/apsa08-01.html", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Patch" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/bulletins/apsb08-13.html", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.kb.cert.org/vuls/id/666281", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.redhat.com/support/errata/RHSA-2008-0144.html", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.us-cert.gov/cas/techalerts/TA08-043A.html", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2008/1966/references", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9813", | |
| "source": "cve@mitre.org" | |
| } | |
| ], | |
| "source_identifier": "cve@mitre.org", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-06-08", | |
| "cisa_action_due": "2022-06-22", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Adobe Acrobat and Reader Buffer Overflow Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C", | |
| "base_score": 9.3, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "MEDIUM", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 8.6, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": true, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": true | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-119" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3A068220-ADFE-46F0-AE35-3355BEFEECD9", | |
| "version_end_including": "8.1.1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "82321E60-2553-41E2-A4F4-375CFF011C0A", | |
| "version_end_including": "8.1.1" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2008-3431", | |
| "published": "2008-08-05T19:41:00", | |
| "last_modified": "2018-10-11T20:48:19.147000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \\\\.\\VBoxDrv device and calling DeviceIoControl to send a crafted kernel address." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "La funci\u00f3n VBoxDrvNtDeviceControl del archivo VBoxDrv.sys de Sun xVM VirtualBox en versiones anteriores a la 1.6.4, utiliza el m\u00e9todo de comunicaci\u00f3n METHOD_NEITHER para IOCTLs, que no validad adecuadamente el b\u00fafer asociado con el objeto Irp, el cual permite a los usuario locales ganar privilegios abriendo el dispositivo \\\\.\\VBoxDrv y llamando a DeviceIoControl para enviar una direcci\u00f3n manipulada del kernel" | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://securityreason.com/securityalert/4107", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://securitytracker.com/id?1020625", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-240095-1", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://virtualbox.org/wiki/Changelog", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.coresecurity.com/content/virtualbox-privilege-escalation-vulnerability", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/archive/1/495095/100/0/threaded", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/30481", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Exploit" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2008/2293", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44202", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "https://www.exploit-db.com/exploits/6218", | |
| "source": "cve@mitre.org" | |
| } | |
| ], | |
| "source_identifier": "cve@mitre.org", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-03-03", | |
| "cisa_action_due": "2022-03-24", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Oracle VirtualBox Insufficient Input Validation Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:L/AC:L/Au:N/C:C/I:C/A:C", | |
| "base_score": 7.2, | |
| "access_vector": "LOCAL", | |
| "access_complexity": "LOW", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 3.9, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": true, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-264" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:xvm_virtualbox:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4E6BF0D3-5C75-4EC2-943E-3E3BBC1F9806", | |
| "version_end_including": "1.6.2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:xvm_virtualbox:1.3.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B3DA16A6-8C03-485A-B157-E86F270DA187" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:xvm_virtualbox:1.3.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4B7C0368-A4D1-4F98-9311-3B28B5002FEA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:xvm_virtualbox:1.3.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F58DB367-855B-4D4B-A6D0-A8E9E52A7474" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:xvm_virtualbox:1.3.8:*:*:*:*:*:*:*", | |
| "match_criteria_id": "49D1BACC-C58D-480C-915B-1716A0B8D249" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:xvm_virtualbox:1.4.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "75554A1B-9A13-49EC-A101-B03C19702BD5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:xvm_virtualbox:1.5.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BA586938-0269-42C9-A974-7FC0CFF721AD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:xvm_virtualbox:1.5.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5A6AD5B8-3739-46EB-86FE-50A5288712DD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:xvm_virtualbox:1.5.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "109414D9-5A5D-4B86-8F2B-687381CFEAAC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:xvm_virtualbox:1.5.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B0CDDC5A-FFF6-40CE-A694-803AFAD15589" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:xvm_virtualbox:1.6.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1D7A5D6B-F6F7-470F-8356-D2E1674CA46C" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2008-2992", | |
| "published": "2008-11-04T18:29:47.667000", | |
| "last_modified": "2018-10-30T16:25:16.967000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en Adobe Acrobat y Reader versi\u00f3n 8.1.2 y anteriores, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo PDF que llama a la funci\u00f3n JavaScript util.printf con un argumento de cadena de formato creado, un problema relacionado con el CVE-2008-1104." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://download.oracle.com/sunalerts/1019937.1.html", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://securityreason.com/securityalert/4549", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Exploit" | |
| ] | |
| }, | |
| { | |
| "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=800801", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=909609", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/bulletins/apsb08-19.html", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Patch", | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.coresecurity.com/content/adobe-reader-buffer-overflow", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.kb.cert.org/vuls/id/593409", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.redhat.com/support/errata/RHSA-2008-0974.html", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Patch" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/archive/1/498027/100/0/threaded", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/archive/1/498032/100/0/threaded", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/archive/1/498055/100/0/threaded", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/30035", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/32091", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.securitytracker.com/id?1021140", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.us-cert.gov/cas/techalerts/TA08-309A.html", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2008/3001", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2009/0098", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-072/", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "https://www.exploit-db.com/exploits/6994", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "https://www.exploit-db.com/exploits/7006", | |
| "source": "cve@mitre.org" | |
| } | |
| ], | |
| "source_identifier": "cve@mitre.org", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-03-03", | |
| "cisa_action_due": "2022-03-24", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Adobe Reader and Acrobat Input Validation Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C", | |
| "base_score": 9.3, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "MEDIUM", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 8.6, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": true, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": true | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-119" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7749D5FB-8D70-4734-8C68-CFED772C7AD8", | |
| "version_end_including": "8.1.2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:3.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "465F9134-DD86-4F13-8C39-949BE6E7389A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:3.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BB041EDF-EFF8-4AA6-8D59-411975547534" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:4.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4C05F6A5-0FB3-489B-9B8B-64C569C03D7A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:4.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "AABA4FE3-662B-4956-904D-45086E000890" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:4.0.5a:*:*:*:*:*:*:*", | |
| "match_criteria_id": "998CD79C-458E-46A8-8261-1C40C53D9FA5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:4.0.5c:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0155FB0B-7FAD-4388-96C8-A8543B4FDFD9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:5.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "201F059D-33D1-4D9F-9C6F-FC8EB49E4735" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:5.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B025E795-5713-485E-8A15-EBE4451A1A46" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:5.0.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B453FA1D-0FE9-4324-9644-E167561926C2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:5.0.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FDEA946E-B6D2-463B-89D0-F2F37278089E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "183B5940-2310-4D2E-99F0-9792A801A442" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4F8BB13E-2732-4F9E-A588-EA1C00893C8B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E5FCDCBF-597B-439C-8D8B-2819FC70C567" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "440B890A-90E9-4456-B92A-856CD17F0C78" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "79BD9D8D-39DA-403E-915D-E1B6A46A6BAB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8976A7DC-1314-4C4A-A7C5-AA789D2DAB9C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FECFC942-4F04-420C-A9B4-AE0C0590317F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F81817F2-1E3A-4A52-88F1-6B614A2A1F0A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CFFFFF0D-A80F-4B67-BEE2-86868EF7AA37" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1DC97A87-2652-4AD6-8E10-419A9AC9C245" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3E1F71AE-3591-499E-B09F-AAC4E38F1CF2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2D75174C-EBF9-4117-9E66-80E847012853" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "69B0305A-51D3-4E09-B96C-54B0ED921DA3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9762FE57-837B-4FFA-9813-AC038450EB2B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.8:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0055A38C-E421-40A1-8BC7-11856A20B8F0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.9:*:*:*:*:*:*:*", | |
| "match_criteria_id": "758CC9EE-8929-405B-A845-83BAAECCB2AD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "26AE76F7-D7F6-4AF2-A5C6-708B5642C288" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "749FFB51-65D4-4A4B-95F3-742440276897" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C8665E53-EC1E-4B95-9064-2565BC12113E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B696DE60-BE96-4590-A903-AB792881A38A", | |
| "version_end_including": "8.1.2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:3.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B1C92642-7C8D-411A-8726-06A8A6483D65" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F509566A-6D4A-40C0-8A16-F8765C5DCAAF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "707D7124-6063-4510-80B4-AD9675996F67" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0.5a:*:*:*:*:*:*:*", | |
| "match_criteria_id": "200FFAE3-CC1C-4A11-99AD-377D54A67195" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0.5c:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8A990E86-07C0-49E2-92D6-55E499F30FAE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6AED985D-60D7-489E-9F1E-CE3C9D985B7A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5F0FCA2F-FD7F-4CE5-9D45-324A7EC45105" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EF7EAA22-CED2-4379-9465-9562BACB1C20" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "35B1CA6B-600C-4E03-B4D5-3D7E1BC4D0F9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F7AA1BA3-9FFA-46AB-A92A-7247D5F7EA06" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.9:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3F5F7424-1E19-4078-8908-CD86A0185042" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F2402B40-6B72-48B5-A376-DA8D16CA43FA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.11:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0D968113-340A-4E5A-B4FD-D9702D49E3DC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "ACF742B8-5F7A-487B-835C-756B1BB392F4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C0BB7C0C-B1D6-4733-BA91-022A1A7FB2E2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0B131DB8-4B6A-4AF2-8D5E-B5EA1AEBFB3B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5B9351C2-16ED-4766-B417-8DB3A8766C2F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "74667860-0047-40AD-9468-860591BA9D17" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5DEA092A-5532-4DCC-B43D-7A8ECF07FA4C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9628AFF9-6EE1-4E85-858F-AE96EE64B7F4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6E2D0266-6954-4DBA-9EEE-8BF73B39DD61" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "24262AFA-2EC8-479E-8922-36DB4243E404" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F1E62096-08B2-4722-A492-11E9A441E85B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C5370AC6-90EE-48EA-8DBD-54002B102F7C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C36D10A8-D211-437D-98D8-9029D0A9CF8B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BA55D00C-3629-48E4-8699-F62B8D703E02" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0EE5E1B7-7B91-4AE1-92AA-4F1763E1BA1E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "623324C2-C8B5-4C3C-9C10-9677D5A6740A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.8:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B8EAF5E3-F3B4-4AD3-B5F1-281AB0F9C57F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.9:*:*:*:*:*:*:*", | |
| "match_criteria_id": "634396D6-4ED6-4F4D-9458-396373489589" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "996EB48E-D2A8-49E4-915A-EBDE26A9FB94" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "97E20936-EE31-4CEB-A710-3165A28BAD69" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5BD9952C-A1D0-4DFB-A292-9B86D7EAE5FD" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2009-0927", | |
| "published": "2009-03-19T10:30:00.420000", | |
| "last_modified": "2018-11-08T20:25:10.837000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Vulnerabilidad no especificada en Adobe Reader y Adobe Acrobat v9.1 y v7.1.1 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante vectores desconocidos, en relaci\u00f3n con un m\u00e9todo JavaScript y validaci\u00f3n de entrada, una vulnerabilidad diferente a CVE-2009-0658." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Mailing List", | |
| "Third Party Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Mailing List", | |
| "Third Party Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://security.gentoo.org/glsa/glsa-200904-17.xml", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Third Party Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Broken Link" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Patch", | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.exploit-db.com/exploits/9579", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Third Party Advisory", | |
| "VDB Entry" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/archive/1/502116/100/0/threaded", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Third Party Advisory", | |
| "VDB Entry" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/34169", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Third Party Advisory", | |
| "VDB Entry" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.securitytracker.com/id?1021861", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Third Party Advisory", | |
| "VDB Entry" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2009/0770", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Third Party Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2009/1019", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Third Party Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-014", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Third Party Advisory", | |
| "VDB Entry" | |
| ] | |
| }, | |
| { | |
| "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49312", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Third Party Advisory", | |
| "VDB Entry" | |
| ] | |
| } | |
| ], | |
| "source_identifier": "cve@mitre.org", | |
| "vuln_status": "Analyzed", | |
| "evaluator_solution": "Per vendor advisory in the 'details' section it states:\n\n\"The Adobe Reader and Acrobat 9.1 and 7.1.1 updates resolve an input validation issue in a JavaScript method that could potentially lead to remote code execution. This issue has already been resolved in Adobe Reader 8.1.3 and Acrobat 8.1.3. (CVE-2009-0927)\"\n\nhttp://www.adobe.com/support/security/bulletins/apsb09-04.html", | |
| "cisa_exploit_add": "2022-03-25", | |
| "cisa_action_due": "2022-04-15", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Adobe Reader and Adobe Acrobat Stack-Based Buffer Overflow Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C", | |
| "base_score": 9.3, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "MEDIUM", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 8.6, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": true | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-20" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FE671D4C-9BAC-4E77-A983-12F6BFD70562", | |
| "version_start_including": "7.0", | |
| "version_end_excluding": "7.1.1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B03B6302-5781-4010-AD6A-7D18973D70C1", | |
| "version_start_including": "8.0", | |
| "version_end_excluding": "8.1.3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BDBEDB79-859B-4EC6-8AFB-81FC20EB52B1", | |
| "version_start_including": "9.0", | |
| "version_end_excluding": "9.1" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2009-1151", | |
| "published": "2009-03-26T14:30:00.267000", | |
| "last_modified": "2018-10-10T19:34:25.573000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Vulnerabilidad de inyecci\u00f3n de c\u00f3digo est\u00e1tico en el archivo setup.php en phpMyAdmin v2.11.x anteriores a v2.11.9.5 y v3.x anteriores a v3.1.3.1 que permite a los atacantes remotos inyectar c\u00f3digo PHP arbitrariamente en el archivo de configuraci\u00f3n a trav\u00e9s de la acci\u00f3n guardar." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://labs.neohapsis.com/2009/04/06/about-cve-2009-1151/", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_2_11_9/phpMyAdmin/scripts/setup.php?r1=11514&r2=12301&pathrev=12301", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://security.gentoo.org/glsa/glsa-200906-03.xml", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.debian.org/security/2009/dsa-1824", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.gnucitizen.org/blog/cve-2009-1151-phpmyadmin-remote-code-execution-proof-of-concept/", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:115", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2009-3.php", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Patch", | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/archive/1/504191/100/0/threaded", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/34236", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "https://www.exploit-db.com/exploits/8921", | |
| "source": "cve@mitre.org" | |
| } | |
| ], | |
| "source_identifier": "cve@mitre.org", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-03-25", | |
| "cisa_action_due": "2022-04-15", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "phpMyAdmin Remote Code Execution Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:L/Au:N/C:P/I:P/A:P", | |
| "base_score": 7.5, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "LOW", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "PARTIAL", | |
| "integrity_impact": "PARTIAL", | |
| "availability_impact": "PARTIAL" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 10.0, | |
| "impact_score": 6.4, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-94" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9B142F14-A80C-4B95-86C9-0B57436AE8FA", | |
| "version_end_including": "3.1.3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A98FF47C-8BA8-40E1-98F5-743CAD5DC52A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:beta1:*:*:*:*:*:*", | |
| "match_criteria_id": "346DF9C7-40BE-44FD-BB5A-23F60616E97F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:rc1:*:*:*:*:*:*", | |
| "match_criteria_id": "B00F4D78-34C3-4934-8AFA-B7283388B246" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2B9F52BC-AC6A-41BB-8276-6176FA068929" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1:rc1:*:*:*:*:*:*", | |
| "match_criteria_id": "BDA3305E-CBC2-4469-923F-29EDA0402CB1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4BC82C85-C9CF-424D-A07A-E841F7AC1904" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E0549FC5-B8E8-455D-867B-BAF321DE7004" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "01DA6D40-2D3A-4490-B4E6-1367C585ED9A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9E351CA2-71DB-4025-8477-24DFE5349195" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "34AB221E-3DFA-43E4-9DBA-5565F81C0120" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FCB774D1-8B5D-4118-8A5B-D7D14D7DE162" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6C10F7C9-FAAA-4D05-8CB2-F5CB397F8410" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "54669C6E-C13B-4602-9CC1-53B24CB897FF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.3:rc1:*:*:*:*:*:*", | |
| "match_criteria_id": "40CE5E7C-A965-492F-AE85-535C3E5F1B17" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.3.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2F8AAB78-8460-43BB-9326-0395F7496EC8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2909BBB8-AB67-45DC-BAF0-015CBF97AFD8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.4:rc1:*:*:*:*:*:*", | |
| "match_criteria_id": "52F3DA64-2099-4A4F-9F38-F28255F47BD1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "80E1F897-861F-4E10-8E05-3C0DD60C7979" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5:rc1:*:*:*:*:*:*", | |
| "match_criteria_id": "D8CC1C1E-2B8C-4E59-B5ED-ED2957B46743" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EA5BCF7D-43FC-459C-8564-F0DCDC301FC8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DA6A75C9-C695-45DF-9526-8DEA506FB21F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "03246EF4-F805-4C1C-9E6C-D85AFBD2D168" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DE432385-9FC2-4EB3-9770-4CA9A2979019" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.6:rc1:*:*:*:*:*:*", | |
| "match_criteria_id": "4EFCA67E-49E1-41FF-8B40-0209FF7893FB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.6.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0AF4BA83-50C0-4D90-9755-CC99A0FF987E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "AE588389-7B4F-4949-BB7A-233C6BE31859" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.7.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8E709A6B-B580-414B-8CEE-8FF99F8409C5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.8:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4B9AA2E6-CF57-40A1-9A9C-B704D8B009F2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8DE75CBB-4EC2-4B97-9E86-28BB05DEA30C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A26E7D37-FA99-42EA-8E19-ED2343E8E70A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A982E152-5A20-4A3A-9A98-6CF9EEF9141A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FFA11353-1DD1-4593-84E8-1D3CBB2C2166" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FB0C19FB-60DF-440F-9A32-B9C62EBA9836" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9716FC40-F759-4D24-9604-7A2DB32A8F42" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "400E2D41-CB1F-4E5C-B08D-35294F8D1402" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F4AFEEBA-01BA-46D6-86A3-B1B5A8F1B5FB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:rc1:*:*:*:*:*:*", | |
| "match_criteria_id": "3F72014B-B168-4FFA-ADDC-86CE84D19681" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "AFFE8553-D8FF-4BA3-9325-A3C366FDFBEB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:rc1:*:*:*:*:*:*", | |
| "match_criteria_id": "72CD1784-3F48-49B5-A154-61C1F7EC3F61" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3:rc1:*:*:*:*:*:*", | |
| "match_criteria_id": "278B4EF3-4331-4334-AB55-EC05C069F48A" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2009-0563", | |
| "published": "2009-06-10T18:00:00.313000", | |
| "last_modified": "2018-10-12T21:50:43.147000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; Microsoft Office Word Viewer 2003 SP3; Microsoft Office Word Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a Word document with a crafted tag containing an invalid length field, aka \"Word Buffer Overflow Vulnerability.\"" | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en Office Word 2002 SP3, 2003 SP3 y 2007 SP1 y SP2 de Microsoft; Office para Mac 2004 y 2008 de Microsoft; Open XML File Format Converter para Mac; Office Word Viewer 2003 SP3 de Microsoft; Office Word Viewer de Microsoft; y Office Compatibility Pack para formatos de archivo de Word, Excel y PowerPoint 2007 SP1 y SP2 de Microsoft, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un documento de Word con una etiqueta dise\u00f1ada que contiene un campo de longitud no v\u00e1lido, tambi\u00e9n se conoce como \"Word Buffer Overflow Vulnerability\"." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://www.securityfocus.com/archive/1/504204/100/0/threaded", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/35188", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://www.securitytracker.com/id?1022356", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://www.us-cert.gov/cas/techalerts/TA09-160A.html", | |
| "source": "secure@microsoft.com", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2009/1546", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-035", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-027", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6133", | |
| "source": "secure@microsoft.com" | |
| } | |
| ], | |
| "source_identifier": "secure@microsoft.com", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-06-08", | |
| "cisa_action_due": "2022-06-22", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Microsoft Office Buffer Overflow Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C", | |
| "base_score": 9.3, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "MEDIUM", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 8.6, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": true, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": true | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-119" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*", | |
| "match_criteria_id": "9409A9BD-1E9B-49B8-884F-8FE569D8AA25" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*", | |
| "match_criteria_id": "5BA91840-371C-4282-9F7F-B393F785D260" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack_for_word_excel_ppt_2007:*:sp1:*:*:*:*:*:*", | |
| "match_criteria_id": "34C5FEAD-4B4B-44EB-9F3A-05093347A2F1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack_for_word_excel_ppt_2007:*:sp2:*:*:*:*:*:*", | |
| "match_criteria_id": "3382DE96-A3CD-4094-9828-2955472BBE2D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office_word:2000:sp3:*:*:*:*:*:*", | |
| "match_criteria_id": "C1B2B207-751F-4596-B805-B4622E312B93" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office_word:2002:sp3:*:*:*:*:*:*", | |
| "match_criteria_id": "0E99B12F-0DB7-4D0F-AD54-DD906CC8E3BD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office_word:2003:sp3:*:*:*:*:*:*", | |
| "match_criteria_id": "CDA5243A-BA58-41BC-8FFC-317239E511C2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office_word:2007:sp1:*:*:*:*:*:*", | |
| "match_criteria_id": "413DBB72-E807-46EC-AD7B-4D62C6217CCB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office_word:2007:sp2:*:*:*:*:*:*", | |
| "match_criteria_id": "0B3ECA7D-1B9B-44EF-B76C-01CB36CCC33E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office_word_viewer:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E647A7B3-7A92-4584-BDA7-81752FF59411" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office_word_viewer:2003:sp3:*:*:*:*:*:*", | |
| "match_criteria_id": "B4B148CC-6C58-411B-8503-01F3BE1D5906" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:open_xml_file_format_converter:*:*:mac:*:*:*:*:*", | |
| "match_criteria_id": "3807A4E4-EB58-47B6-AD98-6ED464DEBA4E" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2009-0557", | |
| "published": "2009-06-10T18:30:00.203000", | |
| "last_modified": "2018-10-12T21:50:37.457000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka \"Object Record Corruption Vulnerability.\"" | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Excel en Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, y Office 2004 y 2008 para Mac; Excel en Microsoft Office 2007 System SP1 y SP2; Open XML File Format Converter para Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; y Microsoft Office Compatibility Pack para Word, Excel, y PowerPoint 2007 File Formats SP1 y SP2 permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero manipulado con un objeto grabado de forma incorrecta, tambi\u00e9n conocida como \"Vulnerabilidad de corrupci\u00f3n de objeto grabado\"" | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://www.securityfocus.com/bid/35241", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://www.securitytracker.com/id?1022351", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://www.us-cert.gov/cas/techalerts/TA09-160A.html", | |
| "source": "secure@microsoft.com", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2009/1540", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-021", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5564", | |
| "source": "secure@microsoft.com" | |
| } | |
| ], | |
| "source_identifier": "secure@microsoft.com", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-06-08", | |
| "cisa_action_due": "2022-06-22", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Microsoft Office Object Record Corruption Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C", | |
| "base_score": 9.3, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "MEDIUM", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 8.6, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": true | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-94" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*", | |
| "match_criteria_id": "9409A9BD-1E9B-49B8-884F-8FE569D8AA25" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*", | |
| "match_criteria_id": "5BA91840-371C-4282-9F7F-B393F785D260" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*", | |
| "match_criteria_id": "79BA1175-7F02-4435-AEA6-1BA8AADEB7EF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack_for_word_excel_ppt_2007:*:sp1:*:*:*:*:*:*", | |
| "match_criteria_id": "34C5FEAD-4B4B-44EB-9F3A-05093347A2F1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack_for_word_excel_ppt_2007:*:sp2:*:*:*:*:*:*", | |
| "match_criteria_id": "3382DE96-A3CD-4094-9828-2955472BBE2D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office_excel:2000:sp3:*:*:*:*:*:*", | |
| "match_criteria_id": "806086B6-AB83-4008-A1A2-73BC35A95925" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office_excel:2003:sp3:*:*:*:*:*:*", | |
| "match_criteria_id": "AD22DBA8-40B0-4197-9D56-38D5D9E1ED89" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office_excel:2007:sp1:*:*:*:*:*:*", | |
| "match_criteria_id": "297A9F48-13DF-4042-AC21-B8B764B217BE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office_excel:2007:sp2:*:*:*:*:*:*", | |
| "match_criteria_id": "F03E302A-83DE-46FF-9044-09230841BD2A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office_excel_viewer:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4A2613CE-C469-43AE-A590-87CE1FAADA8B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office_excel_viewer:2003:sp3:*:*:*:*:*:*", | |
| "match_criteria_id": "B18C291F-57C2-4328-8FCF-3C1A27B0D18D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office_sharepoint_server:2007:sp1:x32:*:*:*:*:*", | |
| "match_criteria_id": "E013CE59-0ABF-4542-A9E9-D295AA0FC2A2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office_sharepoint_server:2007:sp1:x64:*:*:*:*:*", | |
| "match_criteria_id": "C0AEECDD-BBD0-4042-8A47-D66670A6DC6E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office_sharepoint_server:2007:sp2:x32:*:*:*:*:*", | |
| "match_criteria_id": "91A3E58F-E2FE-4346-9083-58C963171A73" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office_sharepoint_server:2007:sp2:x64:*:*:*:*:*", | |
| "match_criteria_id": "6BE07062-6299-4371-BD74-BA7F7840DBA8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:open_xml_file_format_converter:*:*:mac:*:*:*:*:*", | |
| "match_criteria_id": "3807A4E4-EB58-47B6-AD98-6ED464DEBA4E" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2009-1123", | |
| "published": "2009-06-10T18:30:00.327000", | |
| "last_modified": "2019-02-26T14:04:00.993000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application, aka \"Windows Kernel Desktop Vulnerability.\"" | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "El kernel en Microsoft Windows 2000 SP4, XP SP2 y SP3, y Server 2003 SP2, Vista Gold, SP1, y SP2, y Server 2008 SP2 no valida adecuadamente los cambios en objetos del kernel no especificados, lo que permite a usuarios locales obtener privilegios a trav\u00e9s de una aplicaci\u00f3n manipulada, tambi\u00e9n conocida como \"Vulnerabilidad de escritorio en el kernel de Windows\"." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://www.securitytracker.com/id?1022359", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://www.us-cert.gov/cas/techalerts/TA09-160A.html", | |
| "source": "secure@microsoft.com", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2009/1544", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-025", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6206", | |
| "source": "secure@microsoft.com" | |
| } | |
| ], | |
| "source_identifier": "secure@microsoft.com", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-03-03", | |
| "cisa_action_due": "2022-03-24", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Microsoft Windows Improper Input Validation Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:L/AC:L/Au:N/C:C/I:C/A:C", | |
| "base_score": 7.2, | |
| "access_vector": "LOCAL", | |
| "access_complexity": "LOW", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 3.9, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-20" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", | |
| "match_criteria_id": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", | |
| "match_criteria_id": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", | |
| "match_criteria_id": "9CFB1A97-8042-4497-A45D-C014B5E240AB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", | |
| "match_criteria_id": "7F9C7616-658D-409D-8B53-AC00DC55602A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:itanium:*:*:*:*:*", | |
| "match_criteria_id": "7C684420-1614-4DAE-9BD9-F1FE9102A50F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:sp2:x32:*:*:*:*:*:*", | |
| "match_criteria_id": "9517571A-BC1A-4838-A094-30081A86D36C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:sp2:x64:*:*:*:*:*:*", | |
| "match_criteria_id": "CD7CA7F0-9C4D-4172-91BD-90A8C86EE337" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", | |
| "match_criteria_id": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", | |
| "match_criteria_id": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:x64:*:*:*:*:*", | |
| "match_criteria_id": "6137FDAA-F552-4A3F-B404-5CB75B189000" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", | |
| "match_criteria_id": "0A0D2704-C058-420B-B368-372D1129E914" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:x64:*:*:*:*:*", | |
| "match_criteria_id": "F2E35DE9-2BAE-4652-93DE-C005ACE6FBB4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", | |
| "match_criteria_id": "9B339C33-8896-4896-88FF-88E74FDBC543" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", | |
| "match_criteria_id": "CE477A73-4EE4-41E9-8694-5A3D5DC88656" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2009-1862", | |
| "published": "2009-07-23T20:30:00.233000", | |
| "last_modified": "2009-09-16T05:31:35.203000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file, related to authplay.dll, as exploited in the wild in July 2009." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Vulnerabilidad sin especificar en Adobe Reader , Acrobat de la v9.x a la v9.1.2 y Adobe Flash Player v9.x a la v9.0.159.0 y v10.x a la v10.0.22.87, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de (1)una aplicaci\u00f3n flash manipulada en un archivo .pdf o (2) un archivo .swf. Relacionado con el authplay.dll, como se ha explotado p\u00fablicamente en julio del 2009." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://blogs.adobe.com/psirt/2009/07/potential_adobe_reader_and_fla.html", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://bugs.adobe.com/jira/browse/FP-1265", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://isc.sans.org/diary.html?storyid=6847", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00003.html", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://news.cnet.com/8301-27080_3-10293389-245.html", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://security.gentoo.org/glsa/glsa-200908-04.xml", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-266108-1", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://support.apple.com/kb/HT3864", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://support.apple.com/kb/HT3865", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/advisories/apsa09-03.html", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/bulletins/apsb09-10.html", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/bulletins/apsb09-13.html", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.kb.cert.org/vuls/id/259425", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/35759", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-072209-2512-99", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.symantec.com/connect/blogs/next-generation-flash-vulnerability", | |
| "source": "cve@mitre.org" | |
| } | |
| ], | |
| "source_identifier": "cve@mitre.org", | |
| "vuln_status": "Modified", | |
| "evaluator_impact": "Per: http://www.kb.cert.org/vuls/id/259425\r\n\r\n\"Adobe Flash is a widely deployed multimedia platform typically used to provide content in web sites. Adobe Flash Player, Reader, Acrobat, and other Adobe products include Flash support.\r\n\r\nAdobe Flash Player contains a code execution vulnerability. An attacker may be able to trigger this vulnerability by convincing a user to open a specially crafted Flash (SWF) file. The SWF file could be hosted or embedded in a web page or contained in a Portable Document Format (PDF) file. If an attacker can take control of a website or web server, trusted sites may exploit this vulnerability.\r\n\r\nThis vulnerability affects Adobe Flash versions 9.0.159.0 and 10.0.22.87 and earlier 9.x and 10.x versions. Adobe Reader 9, Acrobat 9, and other Adobe products (including Photoshop CS3, PhotoShop Lightroom, Freehand MX, Fireworks) provide Flash support independent of Flash Player. As of 2009-07-22, Adobe Reader 9.1.2 includes Flash 9.0.155.0, which is likely vulnerable to issues addressed by Flash 9.0.159.0\"", | |
| "cisa_exploit_add": "2022-06-08", | |
| "cisa_action_due": "2022-06-22", | |
| "cisa_required_action": "For Adobe Acrobat and Reader, apply updates per vendor instructions. For Adobe Flash Player, the impacted product is end-of-life and should be disconnected if still in use.", | |
| "cisa_vulnerability_name": "Adobe Acrobat and Reader, Flash Player Unspecified Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C", | |
| "base_score": 9.3, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "MEDIUM", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 8.6, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": true | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-94" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5AA53564-9ACD-4CFB-9AAC-A77440026A57" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C7EC46E3-77B7-4455-B3E0-A45C6B69B3DC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4F475858-DCE2-4C93-A51A-04718DF17593" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "88687272-4CD0-42A2-B727-C322ABDE3549" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "562772F1-1627-438E-A6B8-7D1AA5536086" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "27D5AF92-A8E1-41BD-B20A-EB26BB6AD4DE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F25C9167-C6D4-4264-9197-50878EDA2D96" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DD1D7308-09E9-42B2-8836-DC2326C62A9E" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| }, | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F35F86B6-D49A-40F4-BFFA-5D6BBA2F7D8B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*", | |
| "match_criteria_id": "600DDA9D-6440-48D1-8539-7127398A8678" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B4D5E27C-F6BF-4F84-9B83-6AEC98B4AA14" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "934A869D-D58D-4C36-B86E-013F62790585" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*", | |
| "match_criteria_id": "ACFA6611-99DA-48B0-89F7-DD99B8E30334" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "59AF804B-BD7A-4AD7-AD44-B5D980443B8B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F5D52F86-2E38-4C66-9939-7603367B8D0E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0557AA2A-FA3A-460A-8F03-DC74B149CA3D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2FC04ABF-6191-4AA5-90B2-E7A97E6C6005" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F22F1B02-CCF5-4770-A79B-1F58CA4321CE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "93957171-F1F4-43ED-A8B9-2D36C81EB1F9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7AE89894-E492-4380-8A2B-4CDD3A15667A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1C6ED706-BAF2-4795-B597-6F7EE8CA8911" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "260E2CF6-4D15-4168-A933-3EC52D8F93FF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D50BF190-2629-49A8-A377-4723C93FFB3E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.155.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BDD0A103-6D00-4D3D-9570-2DF74B6FE294" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "33AC4365-576C-487A-89C5-197A26D416C4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.125.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FE848097-01E6-4C9B-9593-282D55CC77D9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*", | |
| "match_criteria_id": "08E4028B-72E7-4E4A-AD0F-645F5AACAA29" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "63313ADA-3C52-47C8-9745-6BF6AEF0F6AD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BA646396-7C10-45A0-89A9-C75C5D8AFB3E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3555324F-40F8-4BF4-BE5F-52A1E22B3AFA" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2009-2055", | |
| "published": "2009-08-19T17:30:01.047000", | |
| "last_modified": "2009-08-21T04:00:00", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Cisco IOS XR desde la v3.4.0 hasta la v3.8.1 permite a atacantes remotos producir una denegaci\u00f3n de servicio (reset de sesi\u00f3n) a trav\u00e9s de el mensaje BGP UPDATE con un atributo invalido, como se demostr\u00f3 el 17 de Agosto de 2009." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://mailman.nanog.org/pipermail/nanog/2009-August/012719.html", | |
| "source": "ykramarz@cisco.com" | |
| }, | |
| { | |
| "url": "http://securitytracker.com/id?1022739", | |
| "source": "ykramarz@cisco.com" | |
| }, | |
| { | |
| "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af150f.shtml", | |
| "source": "ykramarz@cisco.com", | |
| "tags": [ | |
| "Patch", | |
| "Vendor Advisory" | |
| ] | |
| } | |
| ], | |
| "source_identifier": "ykramarz@cisco.com", | |
| "vuln_status": "Analyzed", | |
| "cisa_exploit_add": "2022-03-25", | |
| "cisa_action_due": "2022-04-15", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:M/Au:N/C:N/I:N/A:P", | |
| "base_score": 4.3, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "MEDIUM", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "NONE", | |
| "integrity_impact": "NONE", | |
| "availability_impact": "PARTIAL" | |
| }, | |
| "base_severity": "MEDIUM", | |
| "exploitability_score": 8.6, | |
| "impact_score": 2.9, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-20" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "75538529-611A-43B5-AC4D-089C4E2E2ACC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.4.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "00DA2581-F618-4F2A-AB65-DA23DF51AF89" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.4.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "81797938-F953-42BE-B287-AA48B9860AF6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.4.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "92AED038-C73F-4499-B064-F01D80DB0C64" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.4.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CB7A249B-AF69-47D0-B6DE-968B4CD0BA42" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F992D03D-1DB8-44C1-B59D-1C09A32A2C91" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.5.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C5F15240-6323-4766-801A-D887F3EA8A6B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.5.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D99DC1CF-78DC-4E59-98BA-DD84702D6467" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.5.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0B9FA754-E3D2-4D80-8F4B-41139973D9FC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.6.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F497A05C-2FC5-427D-8036-2476ACA956C0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.6.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2252E7B0-9112-4E9E-8CF4-4EC53C630CFD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.6.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1131A524-AA7A-4C94-9FFE-54546EA7D2CC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.6.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "46D1A634-D39C-4305-8915-4AA289FB68EE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.7.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "21BAB799-3150-46D8-AEA3-9FCC73203221" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.7.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "99042285-94AC-4C57-8EAA-EE63C678A94A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.7.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2E752AA9-CC1C-44B6-A916-A3C76A57F05C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.7.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "71CBE50E-9BD3-4F74-8C7A-BE4905090EE2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.8.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "96F48419-AF66-4B50-ACBF-9E38287A64FA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.8.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EBB71A24-AA6C-4BAD-BD37-5C191751C9DF" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2009-3129", | |
| "published": "2009-11-11T19:30:00.530000", | |
| "last_modified": "2018-10-12T21:52:14.153000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset, aka \"Excel Featheader Record Memory Corruption Vulnerability.\"" | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Office Excel 2002 SP3, 2003 SP3 y 2007 SP1 y SP2; Office 2004 y 2008 para Mac; Open XML File Format Converter para Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 y SP2; y Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 y SP2, de Microsoft, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de una hoja de c\u00e1lculo con un registro FEATHEADER que contiene un elemento de tama\u00f1o cbHdrData no v\u00e1lido que afecta a un desplazamiento del puntero, tambi\u00e9n se conoce como \"Excel Featheader Record Memory Corruption Vulnerability\"." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://archives.neohapsis.com/archives/bugtraq/2009-11/0080.html", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=832", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://www.exploit-db.com/exploits/14706", | |
| "source": "secure@microsoft.com", | |
| "tags": [ | |
| "Exploit" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/36945", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://www.securitytracker.com/id?1023157", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://www.us-cert.gov/cas/techalerts/TA09-314A.html", | |
| "source": "secure@microsoft.com", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-083", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-067", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6521", | |
| "source": "secure@microsoft.com" | |
| } | |
| ], | |
| "source_identifier": "secure@microsoft.com", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-03-03", | |
| "cisa_action_due": "2022-03-24", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Microsoft Excel Featheader Record Memory Corruption Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C", | |
| "base_score": 9.3, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "MEDIUM", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 8.6, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": true | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-94" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:compatibility_pack_word_excel_powerpoint:2007:sp1:*:*:*:*:*:*", | |
| "match_criteria_id": "7EB896B5-611E-4457-B438-C6CC937D63FF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:compatibility_pack_word_excel_powerpoint:2007:sp2:*:*:*:*:*:*", | |
| "match_criteria_id": "3F9109ED-34C9-45E0-9E8B-FC05054E0F73" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:excel:2002:sp3:*:*:*:*:*:*", | |
| "match_criteria_id": "896E23B1-AB34-43FF-96F3-BA6ED7F162AF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:excel:2003:sp3:*:*:*:*:*:*", | |
| "match_criteria_id": "CEBB33CD-CACF-4EB8-8B5F-8E1CB8D7A440" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:excel:2007:sp1:*:*:*:*:*:*", | |
| "match_criteria_id": "F703901F-AD7C-42E7-BBFA-529A8C510D83" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:excel:2007:sp2:*:*:*:*:*:*", | |
| "match_criteria_id": "273729C3-56BF-454A-8697-473094EA828F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:excel_viewer:*:sp1:*:*:*:*:*:*", | |
| "match_criteria_id": "8E8D1DDD-8996-43A3-9FC7-60539E09CFC4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:excel_viewer:*:sp2:*:*:*:*:*:*", | |
| "match_criteria_id": "D65CAA23-16D8-4AE7-8BC4-F73B1C5F9C3B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:sp3:*:*:*:*:*:*", | |
| "match_criteria_id": "AE2F0B8B-0600-4324-93A9-07DBE97E1BB8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*", | |
| "match_criteria_id": "9409A9BD-1E9B-49B8-884F-8FE569D8AA25" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*", | |
| "match_criteria_id": "5BA91840-371C-4282-9F7F-B393F785D260" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:open_xml_file_format_converter:*:*:mac:*:*:*:*:*", | |
| "match_criteria_id": "3807A4E4-EB58-47B6-AD98-6ED464DEBA4E" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2009-4324", | |
| "published": "2009-12-15T02:30:00.217000", | |
| "last_modified": "2018-10-30T16:25:16.967000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "La vulnerabilidad de uso de la memoria previamente liberada (Use-after-free) en la funci\u00f3n Doc.media.newPlayer en el archivo Multimedia.api en Adobe Reader y Acrobat versi\u00f3n 9.x anterior a 9.3, y versi\u00f3n 8.x anterior a 8.2 en Windows y Mac OS X, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo PDF creado utilizando una transmisi\u00f3n comprimida ZLib, tal como se explot\u00f3 \u201cin the wild\u201d en diciembre de 2009." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/advisories/apsa09-07.html", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.kb.cert.org/vuls/id/508357", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.redhat.com/support/errata/RHSA-2010-0060.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/37331", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.symantec.com/connect/blogs/zero-day-xmas-present", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.us-cert.gov/cas/techalerts/TA10-013A.html", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2009/3518", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/0103", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "https://bugzilla.redhat.com/show_bug.cgi?id=547799", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54747", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795", | |
| "source": "psirt@adobe.com" | |
| } | |
| ], | |
| "source_identifier": "psirt@adobe.com", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-06-08", | |
| "cisa_action_due": "2022-06-22", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Adobe Acrobat and Reader Use-After-Free Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C", | |
| "base_score": 9.3, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "MEDIUM", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 8.6, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": true | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-399" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C42D46A5-DB0B-48EF-8587-C2CEDAA14A4A", | |
| "version_end_including": "9.2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "183B5940-2310-4D2E-99F0-9792A801A442" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4F8BB13E-2732-4F9E-A588-EA1C00893C8B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E5FCDCBF-597B-439C-8D8B-2819FC70C567" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "440B890A-90E9-4456-B92A-856CD17F0C78" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "79BD9D8D-39DA-403E-915D-E1B6A46A6BAB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8976A7DC-1314-4C4A-A7C5-AA789D2DAB9C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FECFC942-4F04-420C-A9B4-AE0C0590317F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F81817F2-1E3A-4A52-88F1-6B614A2A1F0A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CFFFFF0D-A80F-4B67-BEE2-86868EF7AA37" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1DC97A87-2652-4AD6-8E10-419A9AC9C245" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3E1F71AE-3591-499E-B09F-AAC4E38F1CF2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2D75174C-EBF9-4117-9E66-80E847012853" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "69B0305A-51D3-4E09-B96C-54B0ED921DA3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9762FE57-837B-4FFA-9813-AC038450EB2B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.8:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0055A38C-E421-40A1-8BC7-11856A20B8F0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.9:*:*:*:*:*:*:*", | |
| "match_criteria_id": "758CC9EE-8929-405B-A845-83BAAECCB2AD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "26AE76F7-D7F6-4AF2-A5C6-708B5642C288" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "749FFB51-65D4-4A4B-95F3-742440276897" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C8665E53-EC1E-4B95-9064-2565BC12113E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "24218FDA-F9DA-465A-B5D5-76A55C7EE04E" | |
| }, | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5AA53564-9ACD-4CFB-9AAC-A77440026A57" | |
| }, | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C7EC46E3-77B7-4455-B3E0-A45C6B69B3DC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E7BDB18D-A53C-4252-B2ED-42E6F3609277", | |
| "version_end_including": "9.2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:3.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B1C92642-7C8D-411A-8726-06A8A6483D65" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F509566A-6D4A-40C0-8A16-F8765C5DCAAF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "707D7124-6063-4510-80B4-AD9675996F67" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0.5a:*:*:*:*:*:*:*", | |
| "match_criteria_id": "200FFAE3-CC1C-4A11-99AD-377D54A67195" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0.5c:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8A990E86-07C0-49E2-92D6-55E499F30FAE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6AED985D-60D7-489E-9F1E-CE3C9D985B7A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5F0FCA2F-FD7F-4CE5-9D45-324A7EC45105" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EF7EAA22-CED2-4379-9465-9562BACB1C20" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "35B1CA6B-600C-4E03-B4D5-3D7E1BC4D0F9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F7AA1BA3-9FFA-46AB-A92A-7247D5F7EA06" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.9:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3F5F7424-1E19-4078-8908-CD86A0185042" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F2402B40-6B72-48B5-A376-DA8D16CA43FA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.11:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0D968113-340A-4E5A-B4FD-D9702D49E3DC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "ACF742B8-5F7A-487B-835C-756B1BB392F4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C0BB7C0C-B1D6-4733-BA91-022A1A7FB2E2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0B131DB8-4B6A-4AF2-8D5E-B5EA1AEBFB3B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5B9351C2-16ED-4766-B417-8DB3A8766C2F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "74667860-0047-40AD-9468-860591BA9D17" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5DEA092A-5532-4DCC-B43D-7A8ECF07FA4C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9628AFF9-6EE1-4E85-858F-AE96EE64B7F4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6E2D0266-6954-4DBA-9EEE-8BF73B39DD61" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "24262AFA-2EC8-479E-8922-36DB4243E404" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F1E62096-08B2-4722-A492-11E9A441E85B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C5370AC6-90EE-48EA-8DBD-54002B102F7C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C36D10A8-D211-437D-98D8-9029D0A9CF8B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BA55D00C-3629-48E4-8699-F62B8D703E02" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0EE5E1B7-7B91-4AE1-92AA-4F1763E1BA1E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "623324C2-C8B5-4C3C-9C10-9677D5A6740A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.8:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B8EAF5E3-F3B4-4AD3-B5F1-281AB0F9C57F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.9:*:*:*:*:*:*:*", | |
| "match_criteria_id": "634396D6-4ED6-4F4D-9458-396373489589" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "996EB48E-D2A8-49E4-915A-EBDE26A9FB94" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "97E20936-EE31-4CEB-A710-3165A28BAD69" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5BD9952C-A1D0-4DFB-A292-9B86D7EAE5FD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C5BEA847-A71E-4336-AB67-B3C38847C1C3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "562772F1-1627-438E-A6B8-7D1AA5536086" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "27D5AF92-A8E1-41BD-B20A-EB26BB6AD4DE" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2009-3953", | |
| "published": "2010-01-13T19:30:00.343000", | |
| "last_modified": "2018-10-30T16:25:16.967000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration \"array boundary issue,\" a different vulnerability than CVE-2009-2994." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "La implementaci\u00f3n U3D en Adobe Reader y Acrobat v9.x anterior a v9.3, y v8.x anterior a v8.2 sobre Windows y Mac OS X, podr\u00eda permitir a atacantes ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores no especificados, relacionados con una \"cuesti\u00f3n de limitaci\u00f3n en el array\"." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Patch", | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.metasploit.com/modules/exploit/windows/fileformat/adobe_u3d_meshdecl", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.redhat.com/support/errata/RHSA-2010-0060.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/37758", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.securitytracker.com/id?1023446", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.us-cert.gov/cas/techalerts/TA10-013A.html", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/0103", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "https://bugzilla.redhat.com/show_bug.cgi?id=554293", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55551", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8242", | |
| "source": "psirt@adobe.com" | |
| } | |
| ], | |
| "source_identifier": "psirt@adobe.com", | |
| "vuln_status": "Modified", | |
| "evaluator_impact": "Per: http://www.adobe.com/support/security/bulletins/apsb10-02.html\r\n\r\nAffected software versions:\r\n\r\nAdobe Reader 9.2 and earlier versions for Windows, Macintosh, and UNIX\r\nAdobe Acrobat 9.2 and earlier versions for Windows and Macintosh", | |
| "cisa_exploit_add": "2022-06-08", | |
| "cisa_action_due": "2022-06-22", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Adobe Acrobat and Reader Universal 3D Remote Code Execution Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C", | |
| "base_score": 10.0, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "LOW", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 10.0, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-119" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C42D46A5-DB0B-48EF-8587-C2CEDAA14A4A", | |
| "version_end_including": "9.2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:3.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "465F9134-DD86-4F13-8C39-949BE6E7389A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:3.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BB041EDF-EFF8-4AA6-8D59-411975547534" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:4.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4C05F6A5-0FB3-489B-9B8B-64C569C03D7A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:4.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "AABA4FE3-662B-4956-904D-45086E000890" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:4.0.5a:*:*:*:*:*:*:*", | |
| "match_criteria_id": "998CD79C-458E-46A8-8261-1C40C53D9FA5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:4.0.5c:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0155FB0B-7FAD-4388-96C8-A8543B4FDFD9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:5.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "201F059D-33D1-4D9F-9C6F-FC8EB49E4735" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:5.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B025E795-5713-485E-8A15-EBE4451A1A46" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:5.0.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B453FA1D-0FE9-4324-9644-E167561926C2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:5.0.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FDEA946E-B6D2-463B-89D0-F2F37278089E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "183B5940-2310-4D2E-99F0-9792A801A442" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4F8BB13E-2732-4F9E-A588-EA1C00893C8B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E5FCDCBF-597B-439C-8D8B-2819FC70C567" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "440B890A-90E9-4456-B92A-856CD17F0C78" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "79BD9D8D-39DA-403E-915D-E1B6A46A6BAB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8976A7DC-1314-4C4A-A7C5-AA789D2DAB9C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "37854E7C-2166-48D7-AE8C-44C9468C38C7" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FECFC942-4F04-420C-A9B4-AE0C0590317F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F81817F2-1E3A-4A52-88F1-6B614A2A1F0A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CFFFFF0D-A80F-4B67-BEE2-86868EF7AA37" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1DC97A87-2652-4AD6-8E10-419A9AC9C245" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3E1F71AE-3591-499E-B09F-AAC4E38F1CF2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2D75174C-EBF9-4117-9E66-80E847012853" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "69B0305A-51D3-4E09-B96C-54B0ED921DA3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9762FE57-837B-4FFA-9813-AC038450EB2B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.8:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0055A38C-E421-40A1-8BC7-11856A20B8F0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.9:*:*:*:*:*:*:*", | |
| "match_criteria_id": "758CC9EE-8929-405B-A845-83BAAECCB2AD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.1.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "24A7CF98-27EC-406A-98E2-ACC1AAAF5C93" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BC1BD70D-7A92-4309-A40C-9BD500997390" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F9C17896-8895-4731-B77A-F488A94F0CBD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.1.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "21AC1961-12F7-456F-9CE4-9AAF116CF141" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.1.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DF9F1050-B6BE-4B99-882B-36D6E187304D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "26AE76F7-D7F6-4AF2-A5C6-708B5642C288" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "749FFB51-65D4-4A4B-95F3-742440276897" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C8665E53-EC1E-4B95-9064-2565BC12113E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "24218FDA-F9DA-465A-B5D5-76A55C7EE04E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E2C5F1C5-85CD-47B9-897F-E51D6902AF72" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E0E190FF-3EBC-44AB-8072-4D964E843E8A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6A624D44-C135-4ED3-9BA4-F4F8A044850B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B95C0A99-42E4-40A9-BF61-507E4E4DC052" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3B9F55CC-3681-4A67-99D1-3F40447392D5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5AA53564-9ACD-4CFB-9AAC-A77440026A57" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C7EC46E3-77B7-4455-B3E0-A45C6B69B3DC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4F475858-DCE2-4C93-A51A-04718DF17593" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "88687272-4CD0-42A2-B727-C322ABDE3549" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1E5C4FA4-3786-47AF-BD7D-8E75927EB3AA" | |
| } | |
| ], | |
| "negate": false | |
| }, | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574" | |
| }, | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ], | |
| "operator": "AND" | |
| }, | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E7BDB18D-A53C-4252-B2ED-42E6F3609277", | |
| "version_end_including": "9.2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:3.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B1C92642-7C8D-411A-8726-06A8A6483D65" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:3.01:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3CBE2E6C-AF0E-4A77-9EB0-3593889BC676" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:3.02:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4B5C5C14-383C-4630-858E-D40D6C32FD4B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F509566A-6D4A-40C0-8A16-F8765C5DCAAF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "707D7124-6063-4510-80B4-AD9675996F67" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0.5a:*:*:*:*:*:*:*", | |
| "match_criteria_id": "200FFAE3-CC1C-4A11-99AD-377D54A67195" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0.5c:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8A990E86-07C0-49E2-92D6-55E499F30FAE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6AED985D-60D7-489E-9F1E-CE3C9D985B7A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5F0FCA2F-FD7F-4CE5-9D45-324A7EC45105" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EF7EAA22-CED2-4379-9465-9562BACB1C20" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "35B1CA6B-600C-4E03-B4D5-3D7E1BC4D0F9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F7AA1BA3-9FFA-46AB-A92A-7247D5F7EA06" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.9:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3F5F7424-1E19-4078-8908-CD86A0185042" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F2402B40-6B72-48B5-A376-DA8D16CA43FA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.11:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0D968113-340A-4E5A-B4FD-D9702D49E3DC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "ACF742B8-5F7A-487B-835C-756B1BB392F4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C0BB7C0C-B1D6-4733-BA91-022A1A7FB2E2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0B131DB8-4B6A-4AF2-8D5E-B5EA1AEBFB3B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5B9351C2-16ED-4766-B417-8DB3A8766C2F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "74667860-0047-40AD-9468-860591BA9D17" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5DEA092A-5532-4DCC-B43D-7A8ECF07FA4C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9628AFF9-6EE1-4E85-858F-AE96EE64B7F4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6E2D0266-6954-4DBA-9EEE-8BF73B39DD61" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "24262AFA-2EC8-479E-8922-36DB4243E404" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F1E62096-08B2-4722-A492-11E9A441E85B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C5370AC6-90EE-48EA-8DBD-54002B102F7C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C36D10A8-D211-437D-98D8-9029D0A9CF8B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BA55D00C-3629-48E4-8699-F62B8D703E02" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0EE5E1B7-7B91-4AE1-92AA-4F1763E1BA1E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "623324C2-C8B5-4C3C-9C10-9677D5A6740A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.8:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B8EAF5E3-F3B4-4AD3-B5F1-281AB0F9C57F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.9:*:*:*:*:*:*:*", | |
| "match_criteria_id": "634396D6-4ED6-4F4D-9458-396373489589" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.1.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9A265869-EF58-428E-B8BB-30CABCBE0A83" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "ADB421CD-85DE-4495-93B7-46708449AE27" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "32049561-270C-4B18-9E96-EA0F66ACECAA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.1.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5491D310-E1C0-4FCB-9DCA-97CA1F95D4BA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "996EB48E-D2A8-49E4-915A-EBDE26A9FB94" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "97E20936-EE31-4CEB-A710-3165A28BAD69" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5BD9952C-A1D0-4DFB-A292-9B86D7EAE5FD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C5BEA847-A71E-4336-AB67-B3C38847C1C3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "39F6994B-6969-485B-9286-2592B11A47BF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FC533775-B52E-43F0-BF19-1473BE36232D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "18D1C85E-42CC-46F2-A7B6-DAC3C3995330" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C4670451-511E-496C-A78A-887366E1E992" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "562772F1-1627-438E-A6B8-7D1AA5536086" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "27D5AF92-A8E1-41BD-B20A-EB26BB6AD4DE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F25C9167-C6D4-4264-9197-50878EDA2D96" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DD1D7308-09E9-42B2-8836-DC2326C62A9E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B5C251D2-4C9B-4029-8BED-0FCAED3B8E89" | |
| } | |
| ], | |
| "negate": false | |
| }, | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574" | |
| }, | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256" | |
| }, | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F7A7C398-5356-45D6-AA5C-53E63BC88DCA" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ], | |
| "operator": "AND" | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2010-0232", | |
| "published": "2010-01-21T19:30:00.900000", | |
| "last_modified": "2019-02-26T14:04:00.993000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges by crafting a VDM_TIB data structure in the Thread Environment Block (TEB), and then calling the NtVdmControl function to start the Windows Virtual DOS Machine (aka NTVDM) subsystem, leading to improperly handled exceptions involving the #GP trap handler (nt!KiTrap0D), aka \"Windows Kernel Exception Handler Vulnerability.\"" | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "El kernel en Microsoft Windows NT versi\u00f3n 3.1 hasta Windows 7, incluyendo Windows 2000 SP4, Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1 y SP2, y Windows Server 2008 Gold y SP2, cuando el acceso a aplicaciones de 16 bits est\u00e1 habilitado en una plataforma x86 de 32 bits, no valida apropiadamente ciertas llamadas de BIOS, lo que permite a los usuarios locales alcanzar privilegios mediante la creaci\u00f3n de una estructura de datos VDM_TIB en el bloque de entorno de subprocesos (TEB), y luego llamar a la funci\u00f3n NtVdmControl para iniciar la m\u00e1quina de DOS virtuales de Windows (tambi\u00e9n se conoce como NTVDM), lo que conlleva a excepciones controladas inapropiadamente que implican el controlador #GP trap (nt!KiTrap0D), tambi\u00e9n se conoce como \"Windows Kernel Exception Handler Vulnerability\"." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://blogs.technet.com/msrc/archive/2010/01/20/security-advisory-979682-released.aspx", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://lists.immunitysec.com/pipermail/dailydave/2010-January/006000.html", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://lock.cmpxchg8b.com/c0af0967d904cef2ad4db766a00bc6af/KiTrap0D.zip", | |
| "source": "secure@microsoft.com", | |
| "tags": [ | |
| "Exploit" | |
| ] | |
| }, | |
| { | |
| "url": "http://seclists.org/fulldisclosure/2010/Jan/341", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://securitytracker.com/id?1023471", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://www.microsoft.com/technet/security/advisory/979682.mspx", | |
| "source": "secure@microsoft.com", | |
| "tags": [ | |
| "Patch", | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/archive/1/509106/100/0/threaded", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/37864", | |
| "source": "secure@microsoft.com", | |
| "tags": [ | |
| "Exploit" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.us-cert.gov/cas/techalerts/TA10-040A.html", | |
| "source": "secure@microsoft.com", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/0179", | |
| "source": "secure@microsoft.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-015", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55742", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8344", | |
| "source": "secure@microsoft.com" | |
| } | |
| ], | |
| "source_identifier": "secure@microsoft.com", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-03-03", | |
| "cisa_action_due": "2022-03-24", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Microsoft Windows Kernel Exception Handler Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:L/AC:L/Au:N/C:C/I:C/A:C", | |
| "base_score": 7.2, | |
| "access_vector": "LOCAL", | |
| "access_complexity": "LOW", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 3.9, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-264" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_2000:sp4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "11AFB73A-1C61-40F1-8415-E4D40BB2699B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E33796DB-4523-4F04-B564-ADF030553D51" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_nt:3.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "18CE48AB-D353-40AE-A1B2-0E024FD3B1C6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", | |
| "match_criteria_id": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", | |
| "match_criteria_id": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", | |
| "match_criteria_id": "9CFB1A97-8042-4497-A45D-C014B5E240AB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", | |
| "match_criteria_id": "7F9C7616-658D-409D-8B53-AC00DC55602A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", | |
| "match_criteria_id": "FFF81F4B-7D92-4398-8658-84530FB8F518" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", | |
| "match_criteria_id": "7AE15F6C-80F6-43A6-86DA-B92116A697A0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:sp2:x32:*:*:*:*:*:*", | |
| "match_criteria_id": "9517571A-BC1A-4838-A094-30081A86D36C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3852BB02-47A1-40B3-8E32-8D8891A53114" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", | |
| "match_criteria_id": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:x64:*:*:*:*:*", | |
| "match_criteria_id": "6137FDAA-F552-4A3F-B404-5CB75B189000" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:x64:*:*:*:*:*", | |
| "match_criteria_id": "F2E35DE9-2BAE-4652-93DE-C005ACE6FBB4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_vista:sp1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "49F99773-D1AF-4596-856A-CA164D4B68E5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_vista:sp2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9F916C0D-3B99-46F3-A7AE-BAF067361499" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B47EBFCC-1828-45AB-BC6D-FB980929A81A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", | |
| "match_criteria_id": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_xp:sp3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E69F8C21-5996-4083-A02A-F04AE948CEA9" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2009-3960", | |
| "published": "2010-02-15T18:30:00.407000", | |
| "last_modified": "2017-08-16T01:29:00.447000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0, Flex Data Services 2.0.1, and ColdFusion 7.0.2, 8.0, 8.0.1, and 9.0, allows remote attackers to obtain sensitive information via vectors that are associated with a request, and related to injected tags and external entity references in XML documents." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Vulnerabilidad sin especificar en BlazeDS v3.2 y anteriores, tal como es utilizado en LiveCycle v8.0.1, v8.2.1 y v9.0, LiveCycle Data Services v2.5.1, v2.6.1 y v3.0, Flex Data Services v2.0.1 y ColdFusion v7.0.2, v8.0, v8.0.1 y v9.0. Permite a atacantes remotos obtener informaci\u00f3n confidencial a trav\u00e9s de vectores de ataque asociados con una petici\u00f3n, y relacionados con una etiqueta inyectada y una referencia a una entidad externa en documentos XML." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://securitytracker.com/id?1023584", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/bulletins/apsb10-05.html", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/38197", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "https://www.exploit-db.com/exploits/41855/", | |
| "source": "psirt@adobe.com" | |
| } | |
| ], | |
| "source_identifier": "psirt@adobe.com", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-03-07", | |
| "cisa_action_due": "2022-09-07", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Adobe BlazeDS Information Disclosure Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:M/Au:N/C:P/I:N/A:N", | |
| "base_score": 4.3, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "MEDIUM", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "PARTIAL", | |
| "integrity_impact": "NONE", | |
| "availability_impact": "NONE" | |
| }, | |
| "base_severity": "MEDIUM", | |
| "exploitability_score": 8.6, | |
| "impact_score": 2.9, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": true | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "NVD-CWE-noinfo" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:blazeds:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "AEF7C97E-BE99-415D-B12B-D3E7BD9EDF08", | |
| "version_end_including": "3.2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:coldfusion:7.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B015715F-9672-480E-B0AA-968D8C9070D5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:coldfusion:8.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DD6C1877-7412-4FBE-9641-334971F9D153" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:coldfusion:8.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "28C8D6AF-EDE1-42BD-A47C-2EF8690299BD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:coldfusion:9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "113431FB-E4BE-4416-800C-6B13AD1C0E92" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flex_data_services:2.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B6F65E3F-F3E7-4BE9-A13B-87FFF3B3777E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:lifecycle:8.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2A1EAAD5-7A00-4EC3-9F97-D2965E2569D8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:lifecycle:8.2.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D227BD60-5882-4C73-A642-EEE1E485FC48" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:lifecycle:9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3824D1B3-CE8E-488C-B241-BBD764C935F5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:lifecycle_data_services:2.5.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EDF0B56D-E982-44CE-92E8-DA696E33717A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:lifecycle_data_services:2.6.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "18CBBE17-8E63-4A48-997B-850702442394" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:lifecycle_data_services:3.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3080073F-5BF3-415D-917A-C04DDCEEB311" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2010-0188", | |
| "published": "2010-02-22T13:00:02.127000", | |
| "last_modified": "2017-09-19T01:30:16.923000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Vulnerabilidad no espec\u00edfica en Adobe Reader y Acrobat v8.x anteriores a v8.2.1 y v9.x anteriores v9.3.1, permite a atacantes provocar una denegaci\u00f3n de servicio (caidas de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores no especificados." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://securitytracker.com/id?1023601", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.redhat.com/support/errata/RHSA-2010-0114.html", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/38195", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/0399", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56297", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8697", | |
| "source": "psirt@adobe.com" | |
| } | |
| ], | |
| "source_identifier": "psirt@adobe.com", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-03-03", | |
| "cisa_action_due": "2022-03-24", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C", | |
| "base_score": 9.3, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "MEDIUM", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 8.6, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": true | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-94" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "996EB48E-D2A8-49E4-915A-EBDE26A9FB94" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "97E20936-EE31-4CEB-A710-3165A28BAD69" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5BD9952C-A1D0-4DFB-A292-9B86D7EAE5FD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C5BEA847-A71E-4336-AB67-B3C38847C1C3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4D198253-0E52-4E7F-AA01-CA82B96CD5BA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "39F6994B-6969-485B-9286-2592B11A47BF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FC533775-B52E-43F0-BF19-1473BE36232D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "18D1C85E-42CC-46F2-A7B6-DAC3C3995330" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C4670451-511E-496C-A78A-887366E1E992" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "562772F1-1627-438E-A6B8-7D1AA5536086" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "27D5AF92-A8E1-41BD-B20A-EB26BB6AD4DE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F25C9167-C6D4-4264-9197-50878EDA2D96" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DD1D7308-09E9-42B2-8836-DC2326C62A9E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B5C251D2-4C9B-4029-8BED-0FCAED3B8E89" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2432AC17-5378-4C61-A775-5172FD44EC03" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B6BA82F4-470D-4A46-89B2-D2F3C8FA31C8" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2010-0840", | |
| "published": "2010-04-01T16:30:00.907000", | |
| "last_modified": "2018-10-30T16:26:21.390000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) \"a similar trust issue with interfaces,\" aka \"Trusted Methods Chaining Remote Code Execution Vulnerability.\"" | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Vulnerabilidad no especificada en el componente Java Runtime Environment en Oracle Java SE y Java for Business 6 Update 18, 5.0 Update 23 y 1.4.2_25 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos. NOTA: la informaci\u00f3n previa fue obtenida de la CPU Marzo 2010. Oracle no ha comentado sobre alegaciones de un investigador confiable de que esto est\u00e1 relacionado con los controles inadecuados en la ejecuci\u00f3n de los m\u00e9todos privilegiados en Java Runtime Environment (JRE), lo que permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de (1) un objeto no confiable que ampl\u00eda la clase de confianza, pero no ha modificado un determinado m\u00e9todo o (2) \"una problema de confianza similar con las interfaces\", tambi\u00e9n conocido como \"Trusted Methods Chaining Remote Code Execution Vulnerability\"." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://marc.info/?l=bugtraq&m=127557596201693&w=2", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://support.apple.com/kb/HT4170", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://support.apple.com/kb/HT4171", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://ubuntu.com/usn/usn-923-1", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://www.redhat.com/support/errata/RHSA-2010-0337.html", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://www.redhat.com/support/errata/RHSA-2010-0338.html", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://www.redhat.com/support/errata/RHSA-2010-0339.html", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://www.redhat.com/support/errata/RHSA-2010-0383.html", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://www.redhat.com/support/errata/RHSA-2010-0471.html", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://www.redhat.com/support/errata/RHSA-2010-0489.html", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/archive/1/510528/100/0/threaded", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/39065", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/1107", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/1191", | |
| "source": "secalert_us@oracle.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/1454", | |
| "source": "secalert_us@oracle.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/1523", | |
| "source": "secalert_us@oracle.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/1793", | |
| "source": "secalert_us@oracle.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-056", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13971", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9974", | |
| "source": "secalert_us@oracle.com" | |
| } | |
| ], | |
| "source_identifier": "secalert_us@oracle.com", | |
| "vuln_status": "Modified", | |
| "evaluator_comment": "Per: http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html\r\n\r\n\r\n\r\n'Affected product releases and versions:\r\n\u2022 Java SE: \t \r\n\r\n \u2022 JDK and JRE 6 Update 18 and earlier for Windows, Solaris, and Linux\r\n\t \r\n\r\n \u2022 JDK 5.0 Update 23 and earlier for Solaris\r\n\t \r\n\r\n \u2022 SDK 1.4.2_25 and earlier for Solaris\r\n\t \r\n\u2022 Java for Business: \t \r\n\r\n \u2022 JDK and JRE 6 Update 18 and earlier for Windows, Solaris and Linux\r\n\t \r\n\r\n \u2022 JDK and JRE 5.0 Update 23 and earlier for Windows, Solaris and Linux\r\n\t \r\n\r\n \u2022 SDK and JRE 1.4.2_25 and earlier for Windows, Solaris and Linux'", | |
| "cisa_exploit_add": "2022-05-25", | |
| "cisa_action_due": "2022-06-15", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Oracle JRE Unspecified Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:L/Au:N/C:P/I:P/A:P", | |
| "base_score": 7.5, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "LOW", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "PARTIAL", | |
| "integrity_impact": "PARTIAL", | |
| "availability_impact": "PARTIAL" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 10.0, | |
| "impact_score": 6.4, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "NVD-CWE-noinfo" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:*:update_18:*:*:*:*:*:*", | |
| "match_criteria_id": "AA98E24E-B406-4F94-983D-7CDAE2EDAFD5", | |
| "version_end_including": "1.6.0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CBCD143C-057D-4F42-B487-46801E14ACF7" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*", | |
| "match_criteria_id": "09027C19-D442-446F-B7A8-21DB6787CF43" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*", | |
| "match_criteria_id": "0A0FEC28-0707-4F42-9740-78F3D2D551EE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*", | |
| "match_criteria_id": "C3C5879A-A608-4230-9DC1-C27F0F48A13B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*", | |
| "match_criteria_id": "0C71089A-BDDE-41FC-9DF9-9AEF4C2374DF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*", | |
| "match_criteria_id": "2DBB6B73-8D6B-41FF-BEE0-E0C7F5F1EB41" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*", | |
| "match_criteria_id": "12A3B254-8580-45DB-BDE4-5B5A29CBFFB3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*", | |
| "match_criteria_id": "1DB1DE6A-66AE-499B-AD92-9E6ACE474C6D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*", | |
| "match_criteria_id": "AADBB4F9-E43E-428B-9979-F47A15696C85" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*", | |
| "match_criteria_id": "49260B94-05DE-4B78-9068-6F5F6BFDD19E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*", | |
| "match_criteria_id": "7158D2C0-E9AC-4CD6-B777-EA7B7A181997" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*", | |
| "match_criteria_id": "90EC6C13-4B37-48E5-8199-A702A944D5A6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*", | |
| "match_criteria_id": "2528152C-E20A-4D97-931C-A5EC3CEAA06D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*", | |
| "match_criteria_id": "A99DAB4C-272B-4C91-BC70-7729E1152590" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*", | |
| "match_criteria_id": "30DFC10A-A4D9-4F89-B17C-AB9260087D29" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*", | |
| "match_criteria_id": "272A5C44-18EC-41A9-8233-E9D4D0734EA6" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| }, | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:*:update_18:*:*:*:*:*:*", | |
| "match_criteria_id": "69821E3E-D00B-462B-9AE2-3BC4C7924F71", | |
| "version_end_including": "1.6.0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A3A4FEC7-A4A0-4B5C-A56C-8F80AE19865E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*", | |
| "match_criteria_id": "722A93D8-B5BC-42F3-92A2-E424F61269A8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*", | |
| "match_criteria_id": "775F2611-F11C-4B84-8F40-0D034B81BF18" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*", | |
| "match_criteria_id": "F20FDD9F-FF45-48BC-9207-54FB02E76071" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*", | |
| "match_criteria_id": "9FA326F5-894A-4B01-BCA3-B126DA81CA59" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*", | |
| "match_criteria_id": "228AB7B4-4BA4-43D4-B562-D438884DB152" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*", | |
| "match_criteria_id": "AFD5C688-2103-4D60-979E-D9BE69A989C3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*", | |
| "match_criteria_id": "21421215-F722-4207-A2E5-E2DF4B29859B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*", | |
| "match_criteria_id": "BFB9EA23-0EF7-4582-A265-3F5AA9EC81B0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*", | |
| "match_criteria_id": "D98175BF-B084-4FA5-899D-9E80DC3923EE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*", | |
| "match_criteria_id": "820632CE-F8DF-47EE-B716-7530E60008B7" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*", | |
| "match_criteria_id": "FA2BD0A3-7B2D-447B-ABAC-7B867B03B632" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*", | |
| "match_criteria_id": "D54AB785-E9B7-47BD-B756-0C3A629D67DD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*", | |
| "match_criteria_id": "E9412098-0353-4F7B-9245-010557E6C651" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*", | |
| "match_criteria_id": "AD30DAEB-4893-41CF-A455-B69C463B9337" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*", | |
| "match_criteria_id": "21D6CE7E-A036-496C-8E08-A87F62B5290A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*", | |
| "match_criteria_id": "B8F93BBE-1E8C-4EB3-BCC7-20AB2D813F98" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| }, | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:*:update23:*:*:*:*:*:*", | |
| "match_criteria_id": "2C053822-6E03-4864-8C23-B3667B220DF1", | |
| "version_end_including": "1.5.0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A02CF738-1B4F-44D0-A618-3D3E4EF1C9B8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*", | |
| "match_criteria_id": "EE8E883F-E13D-4FB0-8C6F-B7628600E8D4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*", | |
| "match_criteria_id": "2AADA633-EB11-49A0-8E40-66589034F03E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*", | |
| "match_criteria_id": "19DC29C5-1B9F-46DF-ACF6-3FF93E45777D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*", | |
| "match_criteria_id": "B120F7D9-7C1E-4716-B2FA-2990D449F754" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*", | |
| "match_criteria_id": "CD61E49F-2A46-4107-BB3F-527079983306" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*", | |
| "match_criteria_id": "D900AAE0-6032-4096-AFC2-3D43C55C6C83" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*", | |
| "match_criteria_id": "88B0958C-744C-4946-908C-09D2A5FAB120" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*", | |
| "match_criteria_id": "C3E7F3CA-FFB3-42B3-A64F-0E38FAF252FC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*", | |
| "match_criteria_id": "9A2D8D09-3F18-4E73-81CF-BB589BB8AEC1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*", | |
| "match_criteria_id": "3FD24779-988F-4EC1-AC19-77186B68229E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*", | |
| "match_criteria_id": "4F1E860E-98F2-48FF-B8B3-54D4B58BF81F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*", | |
| "match_criteria_id": "28BE548B-DD0C-4C58-98CA-5B803F04F9EE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*", | |
| "match_criteria_id": "505A8F40-7758-412F-8895-FA1B00BE6B7D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*", | |
| "match_criteria_id": "212F4A5F-87E3-4C62-BA21-46CBBCD8D26A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*", | |
| "match_criteria_id": "5F8E9AA0-8907-4B1A-86A1-08568195217D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*", | |
| "match_criteria_id": "A337AD31-4566-4A4E-AFF3-7EAECD5C90F9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*", | |
| "match_criteria_id": "0754AFDC-2F1C-4C06-AB46-457B5E610029" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*", | |
| "match_criteria_id": "532CF9DD-0EBB-4B3B-BB9C-A8D78947A790" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*", | |
| "match_criteria_id": "DC0ABF7A-107B-4B97-9BD7-7B0CEDAAF359" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*", | |
| "match_criteria_id": "A5DA4242-30D9-44C8-9D0D-877348FFA22B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*", | |
| "match_criteria_id": "C61C6043-99D0-4F36-AF84-1A5F90B895EE" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| }, | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "99ACE336-1CF4-4904-B313-30E532981FFE", | |
| "version_end_including": "1.4.2_25" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "002CA86D-3090-4C7A-947A-21CB5D1ADD98" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2_1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6F6453C9-7EE0-4FFB-861D-C2D9416DCABA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2_02:*:*:*:*:*:*:*", | |
| "match_criteria_id": "AF4E34FD-D927-42BB-8A16-031D77CB4B9E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2_3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6DDE253E-C8B6-4C1D-AECE-ABEA1A67306B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2_4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A56D9A60-F272-4D4C-A9DD-C93DAF783585" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2_5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EF109CAA-E8D2-4BD7-BE7C-AF8B2A78672E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2_6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "976F4ACB-3725-45B7-B2EF-DEE4B88254E9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2_7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "52BDD6A8-1611-4C3C-865D-6EDB5B9F8D88" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2_8:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6A1F28FF-652A-4C89-9AC6-5E212F890811" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2_9:*:*:*:*:*:*:*", | |
| "match_criteria_id": "96A8C351-E9CD-431B-8B9D-712CA54C7213" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "36888382-79C8-4C97-A654-C668CD68556F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F34C99E6-F9F0-4EF3-8601-B47EAE3D7273" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A74DD08D-CEDB-460E-BED5-78F6CAF18BF5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E60560EC-6DBD-4A17-BFFA-FAD9193A0BC7" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E4F64FBC-DC97-4FE3-A235-18B87945AF7A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2_15:*:*:*:*:*:*:*", | |
| "match_criteria_id": "85048406-9051-4E69-94A8-5C449F3B89E7" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2_16:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B1C88DD7-0B46-4405-BD35-60D27E2DBA14" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2_17:*:*:*:*:*:*:*", | |
| "match_criteria_id": "08D23B7C-7B8C-41B8-8D94-BB0F27C7F0A8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2_18:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1C49B997-95D3-4DA4-A353-DB41AD461C5E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2_19:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6F70EF76-ED5F-4835-8252-FE613604FA3B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2_20:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6BDBCAD8-CDF7-4550-8EA2-1409B02FFAD6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2_21:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7E691333-0434-4808-9ED4-E82C6EC2FD37" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2_22:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BBE7A538-FF2E-4622-8479-781AB73CBA45" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2_23:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CD491CD3-5763-4698-8893-2D5F5609BD89" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:sdk:1.4.2_24:*:*:*:*:*:*:*", | |
| "match_criteria_id": "ADF4E465-6B0B-4295-81F7-D09ADB81394C" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| }, | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:*:update23:*:*:*:*:*:*", | |
| "match_criteria_id": "6246DF05-3B7C-4DD6-B7C7-D343DE96A3BD", | |
| "version_end_including": "1.5.0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "133A7B66-E0B3-4867-A5A4-3C54D6C0C8ED" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*", | |
| "match_criteria_id": "A7FC09E8-7F30-4FE4-912E-588AA250E2A3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*", | |
| "match_criteria_id": "A586DE4E-8A46-41DE-9FDB-5FDB81DCC87B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*", | |
| "match_criteria_id": "9919D091-73D7-465A-80FF-F37D6CAF9F46" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*", | |
| "match_criteria_id": "02565D6F-4CB2-4671-A4EF-3169BCFA6154" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*", | |
| "match_criteria_id": "452A3E51-9EAC-451D-BA04-A1E7B7D917EB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*", | |
| "match_criteria_id": "3E8C6AAC-C90B-4220-A69B-2A886A35CF5D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*", | |
| "match_criteria_id": "55231B6B-9298-4363-9B5A-14C2DA7B1F50" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*", | |
| "match_criteria_id": "E42CF0F7-418C-4BB6-9B73-FA3B9171D092" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*", | |
| "match_criteria_id": "A5467E9D-07D8-4BEB-84D5-A3136C133519" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*", | |
| "match_criteria_id": "B83B2CE1-45D7-47AD-BC0A-6EC74D5F8F5A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*", | |
| "match_criteria_id": "8A32F326-EA92-43CD-930E-E527B60CDD3B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*", | |
| "match_criteria_id": "7EA5B9E9-654D-44F7-AE98-3D8B382804AC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*", | |
| "match_criteria_id": "04344167-530E-4A4D-90EF-74C684943DF1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*", | |
| "match_criteria_id": "B0E0373B-201D-408F-9234-A7EFE8B4970D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*", | |
| "match_criteria_id": "44051CFE-D15D-4416-A123-F3E49C67A9E7" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*", | |
| "match_criteria_id": "F296ACF3-1373-429D-B991-8B5BA704A7EF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*", | |
| "match_criteria_id": "B863420B-DE16-416A-9640-1A1340A9B855" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*", | |
| "match_criteria_id": "724C972F-74FE-4044-BBC4-7E0E61FC9002" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*", | |
| "match_criteria_id": "46F41C15-0EF4-4115-BFAA-EEAD56FAEEDB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*", | |
| "match_criteria_id": "EBE909DE-E55A-4BD3-A5BF-ADE407432193" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*", | |
| "match_criteria_id": "5DAC04D2-68FD-4793-A8E7-4690A543D7D4" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| }, | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6FCF609D-FE35-49D3-AA20-E56DCEEADD40", | |
| "version_end_including": "1.4.2_25" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "63978872-E797-4F13-B0F9-98CB67D0962A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1EEAB662-644A-4D7B-8237-64142CF48724" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D9598A49-95F2-42DB-B92C-CD026F739B83" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BED1009E-AE60-43A0-A0F5-38526EFCF423" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D011585C-0E62-4233-85FA-F29A07D68DA7" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F226D898-F0E8-41D8-BF40-54DE9FB5426D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4CB9CCD1-A67D-4800-9EC5-6E1A0B0B76E7" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CE28C283-447A-4F83-B96B-69F96E663C1C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D102063B-2434-4141-98E7-2DE501AE1728" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*", | |
| "match_criteria_id": "03B8CD03-CD31-4F4D-BA90-59435578A4F9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "41A994BF-1F64-480A-8AA5-748DDD0AB68C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*", | |
| "match_criteria_id": "88519F2D-AD06-4F05-BEDA-A09216F1B481" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*", | |
| "match_criteria_id": "AC728978-368D-4B36-B149-70473E92BD1B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FD5187B1-CB86-48E8-A595-9FCFD9822C0C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6C660DE4-543A-4E9B-825D-CD099D08CBD8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*", | |
| "match_criteria_id": "98C1942E-16C0-4EB2-AB57-43EC6EC9C3A2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*", | |
| "match_criteria_id": "318719C9-7B01-4021-B2EF-8341254DFE6A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2_17:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DB8FA9BA-51CA-4473-9FE1-9A32FB8C8041" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2_18:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CC5E64B6-77DA-44BC-B646-AE01041B1830" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2_19:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2DA35E80-9E0E-4A26-B631-A61542BE4739" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2_20:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7EEB5367-1BB8-4ED3-8C04-ABA6BAA5AD10" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2_21:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BED9E7C8-0418-4733-A496-61CCFD638859" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2_22:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6566CE32-E042-424A-893B-C8A9E26E2869" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2_23:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B760192E-7193-4FEF-8FFA-680AC89D45A9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.4.2_24:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1C020210-8EBA-41D2-BE4A-962CD902857C" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2010-0738", | |
| "published": "2010-04-28T22:30:00.447000", | |
| "last_modified": "2023-02-13T04:16:44.297000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "La aplicaci\u00f3n web JMX-Console en JBossAs en Red Hat JBoss Enterprise Application Platform (conocido como JBoss EAP o JBEAP) v4.2 anterior v4.2.0.CP09 y v4.3 anterior v4.3.0.CP08 realiza un control de acceso s\u00f3lo para los m\u00e9todos GET y POST, lo que permite a a atacantes remotos enviar peticiones en el manejador GET de la aplicaci\u00f3n que usan un m\u00e9todo diferente. \r\n" | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://marc.info/?l=bugtraq&m=132129312609324&w=2", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=35", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://securityreason.com/securityalert/8408", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://securitytracker.com/id?1023918", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/39710", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/0992", | |
| "source": "secalert@redhat.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "https://bugzilla.redhat.com/show_bug.cgi?id=574105", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58147", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "https://rhn.redhat.com/errata/RHSA-2010-0376.html", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "https://rhn.redhat.com/errata/RHSA-2010-0377.html", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "https://rhn.redhat.com/errata/RHSA-2010-0378.html", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "https://rhn.redhat.com/errata/RHSA-2010-0379.html", | |
| "source": "secalert@redhat.com" | |
| } | |
| ], | |
| "source_identifier": "secalert@redhat.com", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-05-25", | |
| "cisa_action_due": "2022-06-15", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Red Hat JBoss Authentication Bypass Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:L/Au:N/C:P/I:N/A:N", | |
| "base_score": 5.0, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "LOW", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "PARTIAL", | |
| "integrity_impact": "NONE", | |
| "availability_impact": "NONE" | |
| }, | |
| "base_severity": "MEDIUM", | |
| "exploitability_score": 10.0, | |
| "impact_score": 2.9, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-264" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E9830D64-C46F-4423-BE0B-0B1FDB765D62" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0:cp01:*:*:*:*:*:*", | |
| "match_criteria_id": "599FBAC3-2E83-443B-AACB-99BBA896CB19" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0:cp02:*:*:*:*:*:*", | |
| "match_criteria_id": "43590B58-A1C7-4105-A00F-6C4F46A6CC5B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0:cp03:*:*:*:*:*:*", | |
| "match_criteria_id": "A44F907E-AE57-4213-B001-A23319B72CF8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0:cp04:*:*:*:*:*:*", | |
| "match_criteria_id": "243ED156-851C-4897-AF59-86FCA5C9C66F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0:cp05:*:*:*:*:*:*", | |
| "match_criteria_id": "125BF8B0-AF1B-4FB1-9D41-D9FB30AE23FC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0:cp06:*:*:*:*:*:*", | |
| "match_criteria_id": "A3E7C299-8A2D-4733-98AC-F6FA37CC1C6C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0:cp07:*:*:*:*:*:*", | |
| "match_criteria_id": "7398F80B-8318-40E7-A0EE-6CCF7E066C03" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0:cp08:*:*:*:*:*:*", | |
| "match_criteria_id": "F13F52B9-88F8-4F56-BF91-C6FEF22F067D" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| }, | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D4816097-6982-4FBA-BD34-3D24BCA5A56A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp01:*:*:*:*:*:*", | |
| "match_criteria_id": "2B3E4026-F98E-4AEB-9FE1-4FFBBF44AC55" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp02:*:*:*:*:*:*", | |
| "match_criteria_id": "960A513A-CAFC-4B3D-ABD7-4659CF545C73" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp03:*:*:*:*:*:*", | |
| "match_criteria_id": "C2D8DC6D-5E39-4A53-8BB8-F998706D573F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp04:*:*:*:*:*:*", | |
| "match_criteria_id": "3AA2D64E-D7E7-400D-AC7E-CB2045750791" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp05:*:*:*:*:*:*", | |
| "match_criteria_id": "197F047B-E11C-4B79-B6C4-79B2C278A33F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp06:*:*:*:*:*:*", | |
| "match_criteria_id": "CCE383FE-3C03-4B4F-A2E6-AD673F8A44FE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp07:*:*:*:*:*:*", | |
| "match_criteria_id": "62A85D7D-B60A-4566-BA4B-2F74E452C4EE" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2010-1428", | |
| "published": "2010-04-28T22:30:00.793000", | |
| "last_modified": "2017-08-17T01:32:21.977000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "The Web Console (aka web-console) in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to obtain sensitive information via an unspecified request that uses a different method." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "La consola Web(tambi\u00e9n conocida como web-console) en JBossAs en Red Hat JBoss Enterprise Application Platform (tambi\u00e9n conocido como JBoss EAP o JBEAP) v4.2 anterior a v4.2.0.CP09 y v4.3 anterior a v4.3.0.CP08 realiza control de acceso solo para los m\u00e9todos GET y POST, lo que permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de una petici\u00f3n sin especificar que utiliza un m\u00e9todod diferente" | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://marc.info/?l=bugtraq&m=132698550418872&w=2", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://securitytracker.com/id?1023917", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/39710", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/0992", | |
| "source": "secalert@redhat.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "https://bugzilla.redhat.com/show_bug.cgi?id=585899", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58148", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "https://rhn.redhat.com/errata/RHSA-2010-0376.html", | |
| "source": "secalert@redhat.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "https://rhn.redhat.com/errata/RHSA-2010-0377.html", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "https://rhn.redhat.com/errata/RHSA-2010-0378.html", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "https://rhn.redhat.com/errata/RHSA-2010-0379.html", | |
| "source": "secalert@redhat.com" | |
| } | |
| ], | |
| "source_identifier": "secalert@redhat.com", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-05-25", | |
| "cisa_action_due": "2022-06-15", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Red Hat JBoss Information Disclosure Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:L/Au:N/C:P/I:N/A:N", | |
| "base_score": 5.0, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "LOW", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "PARTIAL", | |
| "integrity_impact": "NONE", | |
| "availability_impact": "NONE" | |
| }, | |
| "base_severity": "MEDIUM", | |
| "exploitability_score": 10.0, | |
| "impact_score": 2.9, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-264" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:cp08:*:*:*:*:*:*", | |
| "match_criteria_id": "E8E0B7BE-9F4D-4083-B08A-13CA20422820", | |
| "version_end_including": "4.2.0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:cp07:*:*:*:*:*:*", | |
| "match_criteria_id": "4906489F-828A-4351-8D5B-A989CED8E4A5", | |
| "version_end_including": "4.3.0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E9830D64-C46F-4423-BE0B-0B1FDB765D62" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0:cp01:*:*:*:*:*:*", | |
| "match_criteria_id": "599FBAC3-2E83-443B-AACB-99BBA896CB19" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0:cp02:*:*:*:*:*:*", | |
| "match_criteria_id": "43590B58-A1C7-4105-A00F-6C4F46A6CC5B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0:cp03:*:*:*:*:*:*", | |
| "match_criteria_id": "A44F907E-AE57-4213-B001-A23319B72CF8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0:cp04:*:*:*:*:*:*", | |
| "match_criteria_id": "243ED156-851C-4897-AF59-86FCA5C9C66F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0:cp05:*:*:*:*:*:*", | |
| "match_criteria_id": "125BF8B0-AF1B-4FB1-9D41-D9FB30AE23FC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0:cp06:*:*:*:*:*:*", | |
| "match_criteria_id": "A3E7C299-8A2D-4733-98AC-F6FA37CC1C6C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0:cp07:*:*:*:*:*:*", | |
| "match_criteria_id": "7398F80B-8318-40E7-A0EE-6CCF7E066C03" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D4816097-6982-4FBA-BD34-3D24BCA5A56A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp01:*:*:*:*:*:*", | |
| "match_criteria_id": "2B3E4026-F98E-4AEB-9FE1-4FFBBF44AC55" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp02:*:*:*:*:*:*", | |
| "match_criteria_id": "960A513A-CAFC-4B3D-ABD7-4659CF545C73" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp03:*:*:*:*:*:*", | |
| "match_criteria_id": "C2D8DC6D-5E39-4A53-8BB8-F998706D573F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp04:*:*:*:*:*:*", | |
| "match_criteria_id": "3AA2D64E-D7E7-400D-AC7E-CB2045750791" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp05:*:*:*:*:*:*", | |
| "match_criteria_id": "197F047B-E11C-4B79-B6C4-79B2C278A33F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp06:*:*:*:*:*:*", | |
| "match_criteria_id": "CCE383FE-3C03-4B4F-A2E6-AD673F8A44FE" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2010-1297", | |
| "published": "2010-06-08T18:30:10.007000", | |
| "last_modified": "2017-09-19T01:30:40.563000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript Virtual Machine 2 (AVM2) newfunction instruction, as exploited in the wild in June 2010." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Vulnerabilidad sin especificar en Adobe Flash Player v9.0.x a v9.0.262 y v10.x a v10.0.45.2, y authplay.dl en Adobe Reader y Acrobat v9.x a 9.3.2, permite a atacantes remotos ejecutar c\u00f3digo a su elecci\u00f3n a trav\u00e9s de contenido SWF manipulado, se explota activamente desde Junio de 2010." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://blog.zynamics.com/2010/06/09/analyzing-the-currently-exploited-0-day-for-adobe-reader-and-adobe-flash/", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://community.websense.com/blogs/securitylabs/archive/2010/06/09/having-fun-with-adobe-0-day-exploits.aspx", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://security.gentoo.org/glsa/glsa-201101-09.xml", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://securitytracker.com/id?1024057", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://securitytracker.com/id?1024058", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://securitytracker.com/id?1024085", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://securitytracker.com/id?1024086", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://support.apple.com/kb/HT4435", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/advisories/apsa10-01.html", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.exploit-db.com/exploits/13787", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.kb.cert.org/vuls/id/486225", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.redhat.com/support/errata/RHSA-2010-0464.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.redhat.com/support/errata/RHSA-2010-0470.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/40586", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/40759", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.us-cert.gov/cas/techalerts/TA10-159A.html", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.us-cert.gov/cas/techalerts/TA10-162A.html", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/1348", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/1349", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/1421", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/1432", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/1434", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/1453", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/1482", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/1522", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/1636", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/1793", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2011/0192", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59137", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7116", | |
| "source": "psirt@adobe.com" | |
| } | |
| ], | |
| "source_identifier": "psirt@adobe.com", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-06-08", | |
| "cisa_action_due": "2022-06-22", | |
| "cisa_required_action": "The impacted product is end-of-life and should be disconnected if still in use.", | |
| "cisa_vulnerability_name": "Adobe Flash Player Memory Corruption Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C", | |
| "base_score": 9.3, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "MEDIUM", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 8.6, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": true | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "NVD-CWE-noinfo" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0793A635-2C4E-482D-A57D-2F634DCE8B7A", | |
| "version_end_including": "9.0.262.0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F35F86B6-D49A-40F4-BFFA-5D6BBA2F7D8B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*", | |
| "match_criteria_id": "600DDA9D-6440-48D1-8539-7127398A8678" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B4D5E27C-F6BF-4F84-9B83-6AEC98B4AA14" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "934A869D-D58D-4C36-B86E-013F62790585" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*", | |
| "match_criteria_id": "ACFA6611-99DA-48B0-89F7-DD99B8E30334" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "59AF804B-BD7A-4AD7-AD44-B5D980443B8B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F5D52F86-2E38-4C66-9939-7603367B8D0E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0557AA2A-FA3A-460A-8F03-DC74B149CA3D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2FC04ABF-6191-4AA5-90B2-E7A97E6C6005" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F22F1B02-CCF5-4770-A79B-1F58CA4321CE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "93957171-F1F4-43ED-A8B9-2D36C81EB1F9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7AE89894-E492-4380-8A2B-4CDD3A15667A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1C6ED706-BAF2-4795-B597-6F7EE8CA8911" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "260E2CF6-4D15-4168-A933-3EC52D8F93FF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D50BF190-2629-49A8-A377-4723C93FFB3E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9E59E2AD-38BB-46DF-AC0D-D36F1F259AD4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DD04F04C-30CE-4A8D-B254-B10DEF62CEEE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "96DC7742-499D-4BF5-9C5B-FCFF912A9892" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "33AC4365-576C-487A-89C5-197A26D416C4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "84B367AC-E1E1-4BC5-8BF4-D5B517C0CA7C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A0A9C054-1F82-41DD-BE13-2B71B6F87F22" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| }, | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "44CD02DC-30FC-4429-84B7-7BE1D2007DAE", | |
| "version_end_including": "10.0.45.2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*", | |
| "match_criteria_id": "08E4028B-72E7-4E4A-AD0F-645F5AACAA29" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "63313ADA-3C52-47C8-9745-6BF6AEF0F6AD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BA646396-7C10-45A0-89A9-C75C5D8AFB3E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "476BB487-150A-4482-8C84-E6A2995A97E1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3555324F-40F8-4BF4-BE5F-52A1E22B3AFA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*", | |
| "match_criteria_id": "60540FDE-8C31-4679-A85E-614B1EFE1FF0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:*", | |
| "match_criteria_id": "AE652520-B693-47F1-A342-621C149A7430" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| }, | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "863D682E-57C3-4FE2-A521-92DCB5DA5F64", | |
| "version_end_including": "9.3.2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5AA53564-9ACD-4CFB-9AAC-A77440026A57" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C7EC46E3-77B7-4455-B3E0-A45C6B69B3DC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4F475858-DCE2-4C93-A51A-04718DF17593" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "88687272-4CD0-42A2-B727-C322ABDE3549" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1E5C4FA4-3786-47AF-BD7D-8E75927EB3AA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B35CC915-EEE3-4E86-9E09-1893C725E07B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "76201694-E5C5-4CA3-8919-46937AFDAAE3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "397AB988-1C2C-4247-9B34-806094197CB5" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| }, | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0D47D2EC-CDEA-4FA1-B31F-0362A04E77CC", | |
| "version_end_including": "9.3.2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "562772F1-1627-438E-A6B8-7D1AA5536086" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "27D5AF92-A8E1-41BD-B20A-EB26BB6AD4DE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F25C9167-C6D4-4264-9197-50878EDA2D96" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DD1D7308-09E9-42B2-8836-DC2326C62A9E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B5C251D2-4C9B-4029-8BED-0FCAED3B8E89" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2432AC17-5378-4C61-A775-5172FD44EC03" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B6BA82F4-470D-4A46-89B2-D2F3C8FA31C8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "39EDED39-664F-4B68-B422-2CCCA3B83550" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2010-2568", | |
| "published": "2010-07-22T05:43:49.703000", | |
| "last_modified": "2019-02-26T14:04:00.993000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which is not properly handled during icon display in Windows Explorer, as demonstrated in the wild in July 2010, and originally reported for malware that leverages CVE-2010-2772 in Siemens WinCC SCADA systems." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Shell de Windows en Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 y SP2, Server 2008 SP2 y R2, y Windows 7 permite a usuarios locales o atacantes remotos ejecutar codigo a su elecci\u00f3n a traves de un fichero de acceso directo (1) .LNK o (2) .PIF manipulado, el cual no es manejado adecuadamente mientras se muestra el icono en el Explorador de Windows, tal y como se demostro en Julio de 2010, originalmene referenciado por malware que aprovecha CVE-2010-2772 en los sistemas Siemens WinCC SCADA." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://isc.sans.edu/diary.html?storyid=9181", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://isc.sans.edu/diary.html?storyid=9190", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://securitytracker.com/id?1024216", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://www.f-secure.com/weblog/archives/00001986.html", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://www.f-secure.com/weblog/archives/new_rootkit_en.pdf", | |
| "source": "secure@microsoft.com", | |
| "tags": [ | |
| "Exploit" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.kb.cert.org/vuls/id/940193", | |
| "source": "secure@microsoft.com", | |
| "tags": [ | |
| "Patch", | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.microsoft.com/technet/security/advisory/2286198.mspx", | |
| "source": "secure@microsoft.com", | |
| "tags": [ | |
| "Patch", | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/41732", | |
| "source": "secure@microsoft.com", | |
| "tags": [ | |
| "Exploit" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html", | |
| "source": "secure@microsoft.com", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-046", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11564", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "https://www.geoffchappell.com/notes/security/stuxnet/ctrlfldr.htm", | |
| "source": "secure@microsoft.com" | |
| } | |
| ], | |
| "source_identifier": "secure@microsoft.com", | |
| "vuln_status": "Modified", | |
| "evaluator_solution": "Per: http://www.microsoft.com/technet/security/advisory/2286198.mspx\r\n\r\nMicrosoft has completed the investigation into a public report of this vulnerability. We have issued MS10-046 to address this issue.\r\n\r\nhttp://www.microsoft.com/technet/security/bulletin/MS10-046.mspx", | |
| "cisa_exploit_add": "2022-09-15", | |
| "cisa_action_due": "2022-10-06", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Microsoft Windows Remote Code Execution Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C", | |
| "base_score": 9.3, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "MEDIUM", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 8.6, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": true | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-20" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", | |
| "match_criteria_id": "2978BF86-5A1A-438E-B81F-F360D0E30C9C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", | |
| "match_criteria_id": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E33796DB-4523-4F04-B564-ADF030553D51" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", | |
| "match_criteria_id": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", | |
| "match_criteria_id": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", | |
| "match_criteria_id": "9CFB1A97-8042-4497-A45D-C014B5E240AB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", | |
| "match_criteria_id": "7F9C7616-658D-409D-8B53-AC00DC55602A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", | |
| "match_criteria_id": "B8A32637-65EC-42C4-A892-0E599562527C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", | |
| "match_criteria_id": "FFF81F4B-7D92-4398-8658-84530FB8F518" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:itanium:*:*:*:*:*", | |
| "match_criteria_id": "DBE4A4EA-A0DE-4FDE-B9EC-D8729E17A1F1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:x64:*:*:*:*:*", | |
| "match_criteria_id": "E8000F58-DF1C-464C-A14B-783CDC00E781" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:gold:itanium:*:*:*:*:*", | |
| "match_criteria_id": "5AEA67EA-C788-4CF2-9246-01475302238E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", | |
| "match_criteria_id": "7AE15F6C-80F6-43A6-86DA-B92116A697A0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:itanium:*:*:*:*:*", | |
| "match_criteria_id": "CC916D5A-0644-4423-A52E-D4310906BE78" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*", | |
| "match_criteria_id": "95DC297F-06DB-4FB3-BFB6-7312C059E047" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", | |
| "match_criteria_id": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:x64:*:*:*:*:*", | |
| "match_criteria_id": "6137FDAA-F552-4A3F-B404-5CB75B189000" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", | |
| "match_criteria_id": "0A0D2704-C058-420B-B368-372D1129E914" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:x64:*:*:*:*:*", | |
| "match_criteria_id": "F2E35DE9-2BAE-4652-93DE-C005ACE6FBB4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", | |
| "match_criteria_id": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", | |
| "match_criteria_id": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", | |
| "match_criteria_id": "CE477A73-4EE4-41E9-8694-5A3D5DC88656" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", | |
| "match_criteria_id": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2010-1871", | |
| "published": "2010-08-05T13:23:09.477000", | |
| "last_modified": "2017-11-10T02:29:00.323000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL. NOTE: this is only a vulnerability when the Java Security Manager is not properly configured." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "JBoss Seam 2 (jboss-seam2), como el usado en JBoss Enterprise Application Platform v4.3.0 para Red Hat Linux, no sanea adecuadamente las entradas de de la expresiones de Expression LanguageJBoss Expression Language (EL), lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de URL manipuladas. NOTA: Solo se da esta vulnerabilidad cuando el Java Security Manager no est\u00e1 configurado adecuadamente. \r\n\r\n\r\n" | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.redhat.com/support/errata/RHSA-2010-0564.html", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/41994", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.securitytracker.com/id?1024253", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/1929", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "https://bugzilla.redhat.com/show_bug.cgi?id=615956", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60794", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "https://security.netapp.com/advisory/ntap-20161017-0001/", | |
| "source": "cve@mitre.org" | |
| } | |
| ], | |
| "source_identifier": "cve@mitre.org", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2021-12-10", | |
| "cisa_action_due": "2022-06-10", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Red Hat Linux JBoss Seam 2 Remote Code Execution Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:M/Au:N/C:P/I:P/A:P", | |
| "base_score": 6.8, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "MEDIUM", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "PARTIAL", | |
| "integrity_impact": "PARTIAL", | |
| "availability_impact": "PARTIAL" | |
| }, | |
| "base_severity": "MEDIUM", | |
| "exploitability_score": 8.6, | |
| "impact_score": 6.4, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": true | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-20" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E82B2AD8-967D-4ABE-982B-87B9DE73F8D6" | |
| } | |
| ], | |
| "negate": false | |
| }, | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:redhat:enterprise_linux:4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CA2C244C-82F6-49BC-B7F7-54AB989C43E8" | |
| }, | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ], | |
| "operator": "AND" | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2010-2861", | |
| "published": "2010-08-11T18:47:51.157000", | |
| "last_modified": "2013-09-24T03:39:52.413000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow remote attackers to read arbitrary files via the locale parameter to (1) CFIDE/administrator/settings/mappings.cfm, (2) logging/settings.cfm, (3) datasources/index.cfm, (4) j2eepackaging/editarchive.cfm, and (5) enter.cfm in CFIDE/administrator/." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "M\u00faltiples vulnerabilidades de salto de directorio en la consola del administrador en ColdFusion de Adobe versi\u00f3n 9.0.1 y anteriores, permiten a los atacantes remotos leer archivos arbitrarios por medio del par\u00e1metro locale en los archivos (1) CFIDE/administrador/configuraci\u00f3n/mappings.cfm, (2) logging/settings.cfm, (3) datasources/index.cfm, (4) j2eepackaging/editarchive.cfm y (5) enter.cfm en CFIDE/administrador/." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://securityreason.com/securityalert/8137", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://securityreason.com/securityalert/8148", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/bulletins/apsb10-18.html", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.gnucitizen.org/blog/coldfusion-directory-traversal-faq-cve-2010-2861/", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr10-07", | |
| "source": "psirt@adobe.com" | |
| } | |
| ], | |
| "source_identifier": "psirt@adobe.com", | |
| "vuln_status": "Modified", | |
| "evaluator_impact": "We have calculated the CVSS score based on information provided via the following reference links:\r\n\r\nhttp://www.procheckup.com/vulnerability_manager/vulnerabilities/pr10-07.\r\nhttp://www.gnucitizen.org/blog/coldfusion-directory-traversal-faq-cve-2010-2861/", | |
| "cisa_exploit_add": "2022-03-25", | |
| "cisa_action_due": "2022-04-15", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Adobe ColdFusion Directory Traversal Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:L/Au:N/C:P/I:P/A:P", | |
| "base_score": 7.5, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "LOW", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "PARTIAL", | |
| "integrity_impact": "PARTIAL", | |
| "availability_impact": "PARTIAL" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 10.0, | |
| "impact_score": 6.4, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": true, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-22" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "11239F7E-1C10-4F9C-BBFE-560094EA358A", | |
| "version_end_including": "9.0.1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:coldfusion:8.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DD6C1877-7412-4FBE-9641-334971F9D153" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:coldfusion:8.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "28C8D6AF-EDE1-42BD-A47C-2EF8690299BD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:coldfusion:9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "113431FB-E4BE-4416-800C-6B13AD1C0E92" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2010-3035", | |
| "published": "2010-08-30T21:00:12.203000", | |
| "last_modified": "2017-08-17T01:32:53.993000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Cisco IOS XR v3.4.0 hasta la versi\u00f3n v3.9.1, si BGP est\u00e1 activado, no maneja apropiadamente los atributos transitivos no reconocidos, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (\"peering reset\" o reinicio del hom\u00f3logo) a trav\u00e9s de un mensaje de anuncio de prefijos modificado, como se ha demostrado en la realidad en agosto del 2010 con el c\u00f3digo de tipo de atributo 99. Tambi\u00e9n conocido como Bug ID CSCti62211." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://mailman.nanog.org/pipermail/nanog/2010-August/024837.html", | |
| "source": "ykramarz@cisco.com" | |
| }, | |
| { | |
| "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml", | |
| "source": "ykramarz@cisco.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.securitytracker.com/id?1024371", | |
| "source": "ykramarz@cisco.com" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/2227", | |
| "source": "ykramarz@cisco.com" | |
| }, | |
| { | |
| "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61443", | |
| "source": "ykramarz@cisco.com" | |
| } | |
| ], | |
| "source_identifier": "ykramarz@cisco.com", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-03-25", | |
| "cisa_action_due": "2022-04-15", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P", | |
| "base_score": 5.0, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "LOW", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "NONE", | |
| "integrity_impact": "NONE", | |
| "availability_impact": "PARTIAL" | |
| }, | |
| "base_severity": "MEDIUM", | |
| "exploitability_score": 10.0, | |
| "impact_score": 2.9, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-20" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.4.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "00DA2581-F618-4F2A-AB65-DA23DF51AF89" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.4.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "81797938-F953-42BE-B287-AA48B9860AF6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.4.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "92AED038-C73F-4499-B064-F01D80DB0C64" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.4.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CB7A249B-AF69-47D0-B6DE-968B4CD0BA42" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.5.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C5F15240-6323-4766-801A-D887F3EA8A6B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.5.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D99DC1CF-78DC-4E59-98BA-DD84702D6467" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.5.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0B9FA754-E3D2-4D80-8F4B-41139973D9FC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.6.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F497A05C-2FC5-427D-8036-2476ACA956C0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.6.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2252E7B0-9112-4E9E-8CF4-4EC53C630CFD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.6.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1131A524-AA7A-4C94-9FFE-54546EA7D2CC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.6.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "46D1A634-D39C-4305-8915-4AA289FB68EE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.7.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "21BAB799-3150-46D8-AEA3-9FCC73203221" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.7.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "99042285-94AC-4C57-8EAA-EE63C678A94A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.7.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2E752AA9-CC1C-44B6-A916-A3C76A57F05C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.7.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "71CBE50E-9BD3-4F74-8C7A-BE4905090EE2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.8.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "96F48419-AF66-4B50-ACBF-9E38287A64FA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.8.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EBB71A24-AA6C-4BAD-BD37-5C191751C9DF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.8.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3A20B6A9-27B7-4F42-B88D-F4AACC9BC24D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.8.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "79164FAE-AE31-4DA2-B4C2-7879268BA29E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.8.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9B9A223A-7A0A-4E31-B8A1-C809373A799D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1ECAB9C3-9248-4663-ABAE-31FFC969EF3A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:cisco:ios_xr:3.9.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "10596213-9D2B-48A3-A733-744D41E90419" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2010-2883", | |
| "published": "2010-09-09T22:00:02.250000", | |
| "last_modified": "2018-10-30T16:25:16.967000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en la biblioteca CoolType.dll en Adobe Reader y Acrobat versi\u00f3n 9.x anterior a 9.4 y versi\u00f3n 8.x anterior a 8.2.5 en Windows y Mac OS X, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (bloqueo de aplicaci\u00f3n) por medio de un documento PDF con un campo largo en una tabla Smart INdependent Glyphlets (SING) en una fuente TTF, tal y como se explot\u00f3 \u201cin the wild\u201d en septiembre de 2010. NOTA: algunos de estos datos se consiguen de la informaci\u00f3n de terceros." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://blog.metasploit.com/2010/09/return-of-unpublished-adobe.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://community.websense.com/blogs/securitylabs/archive/2010/09/10/brief-analysis-on-adobe-reader-sing-table-parsing-vulnerability-cve-2010-2883.aspx", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://security.gentoo.org/glsa/glsa-201101-08.xml", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/advisories/apsa10-02.html", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/bulletins/apsb10-21.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.kb.cert.org/vuls/id/491991", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.redhat.com/support/errata/RHSA-2010-0743.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/43057", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.us-cert.gov/cas/techalerts/TA10-279A.html", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/2331", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2011/0191", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2011/0344", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61635", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11586", | |
| "source": "psirt@adobe.com" | |
| } | |
| ], | |
| "source_identifier": "psirt@adobe.com", | |
| "vuln_status": "Modified", | |
| "evaluator_solution": "Per: http://www.adobe.com/support/security/advisories/apsa10-02.html\r\n\r\n'Adobe is in the process of evaluating the schedule for an update to resolve this vulnerability.'", | |
| "evaluator_impact": "Per: http://www.adobe.com/support/security/advisories/apsa10-02.html\r\n\r\n\r\n'Affected software versions\r\n\r\nAdobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh.'", | |
| "cisa_exploit_add": "2022-06-08", | |
| "cisa_action_due": "2022-06-22", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Adobe Acrobat and Reader Stack-Based Buffer Overflow Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C", | |
| "base_score": 9.3, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "MEDIUM", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 8.6, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": true | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-119" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "89F57593-6085-4B97-9755-80AB71B244E1", | |
| "version_end_including": "9.3.4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "26AE76F7-D7F6-4AF2-A5C6-708B5642C288" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "749FFB51-65D4-4A4B-95F3-742440276897" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C8665E53-EC1E-4B95-9064-2565BC12113E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "24218FDA-F9DA-465A-B5D5-76A55C7EE04E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E2C5F1C5-85CD-47B9-897F-E51D6902AF72" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E0E190FF-3EBC-44AB-8072-4D964E843E8A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6A624D44-C135-4ED3-9BA4-F4F8A044850B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B95C0A99-42E4-40A9-BF61-507E4E4DC052" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3B9F55CC-3681-4A67-99D1-3F40447392D5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A9C0AC89-804B-44A1-929A-118993B6BAA7" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "39B174C3-1BA6-4654-BFA4-CC126454E147" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6ACDAA2B-3977-4590-9F16-5DDB6FF6545B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.2.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7832B75B-7868-44DE-A9A4-CBD9CC117DB4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5AA53564-9ACD-4CFB-9AAC-A77440026A57" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C7EC46E3-77B7-4455-B3E0-A45C6B69B3DC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4F475858-DCE2-4C93-A51A-04718DF17593" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "88687272-4CD0-42A2-B727-C322ABDE3549" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1E5C4FA4-3786-47AF-BD7D-8E75927EB3AA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B35CC915-EEE3-4E86-9E09-1893C725E07B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "76201694-E5C5-4CA3-8919-46937AFDAAE3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "397AB988-1C2C-4247-9B34-806094197CB5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8FA0B8C3-8060-4685-A241-9852BD63B7A0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4AB9BBDE-634A-47CF-BA49-67382B547900" | |
| } | |
| ], | |
| "negate": false | |
| }, | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:a:apple:mac_os_x:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CF0D73F4-3063-4B66-882E-39E50708E279" | |
| }, | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ], | |
| "operator": "AND" | |
| }, | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7A5D3F63-85B9-474E-913E-F1341652C702", | |
| "version_end_including": "9.3.4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "996EB48E-D2A8-49E4-915A-EBDE26A9FB94" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "97E20936-EE31-4CEB-A710-3165A28BAD69" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5BD9952C-A1D0-4DFB-A292-9B86D7EAE5FD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C5BEA847-A71E-4336-AB67-B3C38847C1C3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "39F6994B-6969-485B-9286-2592B11A47BF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FC533775-B52E-43F0-BF19-1473BE36232D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "18D1C85E-42CC-46F2-A7B6-DAC3C3995330" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C4670451-511E-496C-A78A-887366E1E992" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "35994F76-CD13-4301-9134-FC0CBEA37D97" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0FB61191-F955-4DE6-A86B-36E031DE1F99" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E32D68D5-6A79-454B-B14F-9BC865413E3B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2A57581C-A139-41C3-B9DB-0C4CFA7A1BB2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "562772F1-1627-438E-A6B8-7D1AA5536086" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "27D5AF92-A8E1-41BD-B20A-EB26BB6AD4DE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F25C9167-C6D4-4264-9197-50878EDA2D96" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DD1D7308-09E9-42B2-8836-DC2326C62A9E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B5C251D2-4C9B-4029-8BED-0FCAED3B8E89" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2432AC17-5378-4C61-A775-5172FD44EC03" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B6BA82F4-470D-4A46-89B2-D2F3C8FA31C8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "39EDED39-664F-4B68-B422-2CCCA3B83550" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B508C5CE-1386-47B3-B301-B78DBB3A75D9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DDC2EEB6-D5EC-430F-962A-1279C9970441" | |
| } | |
| ], | |
| "negate": false | |
| }, | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:a:apple:mac_os_x:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CF0D73F4-3063-4B66-882E-39E50708E279" | |
| }, | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ], | |
| "operator": "AND" | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2010-2572", | |
| "published": "2010-11-10T03:00:01.850000", | |
| "last_modified": "2018-10-12T21:58:00.563000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint 95 document, aka \"PowerPoint Parsing Buffer Overflow Vulnerability.\"" | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Desbordamiento de b\u00fafer en Microsoft PowerPoint 2002 SP3 y 2003 SP3 permite a los atacantes remotos ejecutar c\u00f3digo a su elecci\u00f3n a trav\u00e9s de documentos PowerPoint 95 manipulados, tambi\u00e9n conocido como \"PowerPoint Parsing Buffer Overflow Vulnerability\"." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://www.us-cert.gov/cas/techalerts/TA10-313A.html", | |
| "source": "secure@microsoft.com", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-088", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12195", | |
| "source": "secure@microsoft.com" | |
| } | |
| ], | |
| "source_identifier": "secure@microsoft.com", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-06-08", | |
| "cisa_action_due": "2022-06-22", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Microsoft PowerPoint Buffer Overflow Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C", | |
| "base_score": 9.3, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "MEDIUM", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 8.6, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": true | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-119" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:powerpoint:2002:sp3:*:*:*:*:*:*", | |
| "match_criteria_id": "34C63AE5-4584-4A51-B20D-36FA6DE01C86" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:powerpoint:2003:sp3:*:*:*:*:*:*", | |
| "match_criteria_id": "1778A4FF-FF69-403C-A607-6777AE685A13" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2010-3333", | |
| "published": "2010-11-10T03:00:02.087000", | |
| "last_modified": "2018-10-12T21:58:35.270000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via crafted RTF data, aka \"RTF Stack Buffer Overflow Vulnerability.\"" | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Desbordamiento de b\u00fafer basado en pila en Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 y 2008 para Mac, Office para Mac 2011 y Open XML File Format Converter para Mac permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante datos RTF manipulados, tambi\u00e9n conocido como \"RTF Stack Buffer Overflow Vulnerability.\"" | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=880", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://securityreason.com/securityalert/8293", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/44652", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://www.securitytracker.com/id?1024705", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://www.us-cert.gov/cas/techalerts/TA10-313A.html", | |
| "source": "secure@microsoft.com", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/2923", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-087", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11931", | |
| "source": "secure@microsoft.com" | |
| } | |
| ], | |
| "source_identifier": "secure@microsoft.com", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-03-03", | |
| "cisa_action_due": "2022-03-24", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Microsoft Office Stack-based Buffer Overflow Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C", | |
| "base_score": 9.3, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "MEDIUM", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 8.6, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": true | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-119" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*", | |
| "match_criteria_id": "A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*", | |
| "match_criteria_id": "9409A9BD-1E9B-49B8-884F-8FE569D8AA25" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office:2007:sp2:*:*:*:*:*:*", | |
| "match_criteria_id": "08AF794A-435D-4171-9DBB-EB7FAED96DBA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*", | |
| "match_criteria_id": "5BA91840-371C-4282-9F7F-B393F785D260" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office:2010:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6F68DBEC-7A95-43B4-9174-79F89FC93BC5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office:2011:*:mac:*:*:*:*:*", | |
| "match_criteria_id": "0D84FC39-29AA-4EF2-ACE7-E72635126F2B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*", | |
| "match_criteria_id": "79BA1175-7F02-4435-AEA6-1BA8AADEB7EF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:open_xml_file_format_converter:*:*:mac:*:*:*:*:*", | |
| "match_criteria_id": "3807A4E4-EB58-47B6-AD98-6ED464DEBA4E" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2010-4398", | |
| "published": "2010-12-06T13:44:54.863000", | |
| "last_modified": "2018-10-12T21:59:03.130000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges, and bypass the User Account Control (UAC) feature, via a crafted REG_BINARY value for a SystemDefaultEUDCFont registry key, aka \"Driver Improper Interaction with Windows Kernel Vulnerability.\"" | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Desbordamiento de buffer basado en pila en la funci\u00f3n RtlQueryRegistryValues de win32k.sys de Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 hasta la versi\u00f3n R2 y Windows 7. Permite a usuarios locales escalar privilegios y evitar el \"User Account Control\" (UAC), a trav\u00e9s de un valor REG_BINARY modificado de la clave del registro SystemDefaultEUDCFont." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://isc.sans.edu/diary.html?storyid=9988", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://nakedsecurity.sophos.com/2010/11/25/new-windows-zero-day-flaw-bypasses-uac/", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://support.avaya.com/css/P8/documents/100127248", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://twitter.com/msftsecresponse/statuses/7590788200402945", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.exploit-db.com/bypassing-uac-with-user-privilege-under-windows-vista7-mirror/", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Exploit" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.exploit-db.com/exploits/15609/", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Exploit" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.kb.cert.org/vuls/id/529673", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/45045", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.securitytracker.com/id?1025046", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2011/0324", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-011", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12162", | |
| "source": "cve@mitre.org" | |
| } | |
| ], | |
| "source_identifier": "cve@mitre.org", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-03-28", | |
| "cisa_action_due": "2022-04-21", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Microsoft Windows Kernel Stack-Based Buffer Overflow Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:L/AC:L/Au:N/C:C/I:C/A:C", | |
| "base_score": 7.2, | |
| "access_vector": "LOCAL", | |
| "access_complexity": "LOW", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 3.9, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-119" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "60EC86B8-5C8C-4873-B364-FB1F8EFE1CFF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D56B932B-9593-44E2-B610-E4EB2143EB21" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", | |
| "match_criteria_id": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", | |
| "match_criteria_id": "9CFB1A97-8042-4497-A45D-C014B5E240AB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", | |
| "match_criteria_id": "7F9C7616-658D-409D-8B53-AC00DC55602A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:itanium:*:*:*:*:*", | |
| "match_criteria_id": "CC916D5A-0644-4423-A52E-D4310906BE78" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*", | |
| "match_criteria_id": "95DC297F-06DB-4FB3-BFB6-7312C059E047" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3852BB02-47A1-40B3-8E32-8D8891A53114" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2010-3904", | |
| "published": "2010-12-06T20:13:00.513000", | |
| "last_modified": "2020-08-14T15:24:38.357000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "La funci\u00f3n rds_page_copy_user de net/rds/page.c en la implementaci\u00f3n del protocolo \"Reliable Datagram Sockets\" (RDS) del kernel de Linux en versiones anteriores a la 2.6.36 no valida apropiadamente las direcciones obtenidas del espacio de usuario, lo que permite a usuarios locales escalar privilegios a trav\u00e9s de un uso manipulado de las llamadas del sistema sendmsg y recvmsg." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=799c10559d60f159ab2232203f222f18fa3c4a5f", | |
| "source": "security@ubuntu.com", | |
| "tags": [ | |
| "Patch", | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00008.html", | |
| "source": "security@ubuntu.com", | |
| "tags": [ | |
| "Mailing List", | |
| "Third Party Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00004.html", | |
| "source": "security@ubuntu.com", | |
| "tags": [ | |
| "Mailing List", | |
| "Third Party Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html", | |
| "source": "security@ubuntu.com", | |
| "tags": [ | |
| "Mailing List", | |
| "Third Party Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://packetstormsecurity.com/files/155751/vReliable-Datagram-Sockets-RDS-rds_page_copy_user-Privilege-Escalation.html", | |
| "source": "security@ubuntu.com", | |
| "tags": [ | |
| "Exploit", | |
| "Third Party Advisory", | |
| "VDB Entry" | |
| ] | |
| }, | |
| { | |
| "url": "http://securitytracker.com/id?1024613", | |
| "source": "security@ubuntu.com", | |
| "tags": [ | |
| "Third Party Advisory", | |
| "VDB Entry" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.kb.cert.org/vuls/id/362983", | |
| "source": "security@ubuntu.com", | |
| "tags": [ | |
| "Third Party Advisory", | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36", | |
| "source": "security@ubuntu.com", | |
| "tags": [ | |
| "Broken Link" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.redhat.com/support/errata/RHSA-2010-0792.html", | |
| "source": "security@ubuntu.com", | |
| "tags": [ | |
| "Third Party Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.redhat.com/support/errata/RHSA-2010-0842.html", | |
| "source": "security@ubuntu.com", | |
| "tags": [ | |
| "Third Party Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded", | |
| "source": "security@ubuntu.com", | |
| "tags": [ | |
| "Third Party Advisory", | |
| "VDB Entry" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.ubuntu.com/usn/USN-1000-1", | |
| "source": "security@ubuntu.com", | |
| "tags": [ | |
| "Third Party Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", | |
| "source": "security@ubuntu.com", | |
| "tags": [ | |
| "Third Party Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vsecurity.com/download/tools/linux-rds-exploit.c", | |
| "source": "security@ubuntu.com", | |
| "tags": [ | |
| "Broken Link" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vsecurity.com/resources/advisory/20101019-1/", | |
| "source": "security@ubuntu.com", | |
| "tags": [ | |
| "Broken Link" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2011/0298", | |
| "source": "security@ubuntu.com", | |
| "tags": [ | |
| "Third Party Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "https://bugzilla.redhat.com/show_bug.cgi?id=642896", | |
| "source": "security@ubuntu.com", | |
| "tags": [ | |
| "Issue Tracking", | |
| "Patch", | |
| "Third Party Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "https://www.exploit-db.com/exploits/44677/", | |
| "source": "security@ubuntu.com", | |
| "tags": [ | |
| "Exploit", | |
| "Third Party Advisory", | |
| "VDB Entry" | |
| ] | |
| } | |
| ], | |
| "source_identifier": "security@ubuntu.com", | |
| "vuln_status": "Analyzed", | |
| "cisa_exploit_add": "2023-05-12", | |
| "cisa_action_due": "2023-06-02", | |
| "cisa_required_action": "The impacted product is end-of-life and should be disconnected if still in use.", | |
| "cisa_vulnerability_name": "Linux Kernel Improper Input Validation Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:L/AC:L/Au:N/C:C/I:C/A:C", | |
| "base_score": 7.2, | |
| "access_vector": "LOCAL", | |
| "access_complexity": "LOW", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 3.9, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-20" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C8DCE5E2-B055-4F05-8F0F-F19D1B7BA8D7", | |
| "version_end_excluding": "2.6.36" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| }, | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A01C8B7E-EB19-40EA-B1D2-9AE5EA536C95" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5646FDE9-CF21-46A9-B89D-F5BBDB4249AF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*", | |
| "match_criteria_id": "60FBDD82-691C-4D9D-B71B-F9AFF6931B53" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp1:*:*:*:*:*:*", | |
| "match_criteria_id": "640FB29C-1A84-41E1-86DE-B542EA0EF153" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*", | |
| "match_criteria_id": "EE26596F-F10E-44EF-88CA-0080646E91B9" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| }, | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", | |
| "match_criteria_id": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", | |
| "match_criteria_id": "7EBFE35C-E243-43D1-883D-4398D71763CC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", | |
| "match_criteria_id": "01EDA41C-6B2E-49AF-B503-EB3882265C11" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "87614B58-24AB-49FB-9C84-E8DDBA16353B" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2010-4344", | |
| "published": "2010-12-14T16:00:04.163000", | |
| "last_modified": "2023-02-13T04:28:35.607000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Desbordamiento de b\u00fafer basado en mont\u00edculo en la funci\u00f3n string_vformat en string.c en Exim antes de v4.70 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una sesi\u00f3n de SMTP que incluye dos comandos MAIL junto con un mensaje de gran tama\u00f1o que contiene cabeceras modificadas, lo que lleva a un registro impropio del rechazo." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.70", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://atmail.com/blog/2010/atmail-6204-now-available/", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://bugs.exim.org/show_bug.cgi?id=787", | |
| "source": "secalert@redhat.com", | |
| "tags": [ | |
| "Patch" | |
| ] | |
| }, | |
| { | |
| "url": "http://git.exim.org/exim.git/commit/24c929a27415c7cfc7126c47e4cad39acf3efa6b", | |
| "source": "secalert@redhat.com", | |
| "tags": [ | |
| "Patch" | |
| ] | |
| }, | |
| { | |
| "url": "http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html", | |
| "source": "secalert@redhat.com", | |
| "tags": [ | |
| "Patch" | |
| ] | |
| }, | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://openwall.com/lists/oss-security/2010/12/10/1", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.cpanel.net/2010/12/exim-remote-memory-corruption-vulnerability-notification-cve-2010-4344.html", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.debian.org/security/2010/dsa-2131", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.kb.cert.org/vuls/id/682457", | |
| "source": "secalert@redhat.com", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.redhat.com/support/errata/RHSA-2010-0970.html", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/archive/1/515172/100/0/threaded", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/45308", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.securitytracker.com/id?1024858", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.ubuntu.com/usn/USN-1032-1", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/3171", | |
| "source": "secalert@redhat.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/3172", | |
| "source": "secalert@redhat.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/3181", | |
| "source": "secalert@redhat.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/3186", | |
| "source": "secalert@redhat.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/3204", | |
| "source": "secalert@redhat.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/3246", | |
| "source": "secalert@redhat.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/3317", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "https://bugzilla.redhat.com/show_bug.cgi?id=661756", | |
| "source": "secalert@redhat.com", | |
| "tags": [ | |
| "Exploit" | |
| ] | |
| } | |
| ], | |
| "source_identifier": "secalert@redhat.com", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-03-25", | |
| "cisa_action_due": "2022-04-15", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Exim Heap-Based Buffer Overflow Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C", | |
| "base_score": 9.3, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "MEDIUM", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 8.6, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-119" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F16DB595-F624-4EC4-89B9-F066075CCC0C", | |
| "version_end_including": "4.69" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:2.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DCB4B1A4-A631-4D25-B7F1-C180098E86AD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:2.11:*:*:*:*:*:*:*", | |
| "match_criteria_id": "AE701510-2879-4C78-8C1D-151D5C527B4B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:2.12:*:*:*:*:*:*:*", | |
| "match_criteria_id": "00FEC5EC-EE91-4702-BD9D-4023243AA7C9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.00:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CB2BAB64-3A0B-4B8D-8C9A-726435218123" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.01:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7BAF74CC-9C39-4FB6-94B5-26865A8BBA5F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.02:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5F3BC841-2C51-4CBD-B666-FCB531F43AC4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.03:*:*:*:*:*:*:*", | |
| "match_criteria_id": "69C84D14-E466-4FD3-B79C-D227AD178E4C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3B5B15C1-3D3E-4875-AD4A-69798309DB3F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.11:*:*:*:*:*:*:*", | |
| "match_criteria_id": "64368CD7-9F8C-4D33-98B5-2F429A1F77DF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.12:*:*:*:*:*:*:*", | |
| "match_criteria_id": "40751F4F-46A3-4047-8532-CBEF2328D99C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.13:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C38566A6-B0A0-4228-A038-04817FFD543F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.14:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D1432D82-EA09-4C8B-A82D-BA41E14D3FE9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.15:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0E5C3CA8-00BF-4A35-AA5B-45D21CC2F965" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.16:*:*:*:*:*:*:*", | |
| "match_criteria_id": "90E35B41-4048-43AD-8DF0-7B4088869A88" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.20:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3114B51A-E651-4095-B817-0978673FDE6F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.21:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D6A6FC30-6AF0-4382-95B0-1672929F8150" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.22:*:*:*:*:*:*:*", | |
| "match_criteria_id": "97A2321F-017F-4D7F-A27A-22725912ABA3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.30:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A2187D70-7ADA-401E-B03E-E1A92D9CDD59" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.31:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C8639E64-721A-4155-B775-CD3F775356F1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.32:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DA92BC83-33D0-4387-8C93-F2F0754E227A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.33:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F7E7B583-CB1D-43FE-A05C-4B31F64FD6A6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.34:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A35D9EF0-0267-4092-BC67-4C4B842B8ABF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.35:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5FE35F22-5B61-45A4-B8A2-67B8E792D58C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.36:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BC707056-63FC-4E61-A9A3-F89FE0E490E8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.00:*:*:*:*:*:*:*", | |
| "match_criteria_id": "92A7C49F-8826-47A5-BA9E-28472DFC5EFB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.01:*:*:*:*:*:*:*", | |
| "match_criteria_id": "52B3A794-43C7-4071-8E5A-EA209903165F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.02:*:*:*:*:*:*:*", | |
| "match_criteria_id": "84DBC4E0-608F-40AA-AE30-D40D72F9BED4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.03:*:*:*:*:*:*:*", | |
| "match_criteria_id": "71998344-4AC0-473F-980C-D8D0077E19A3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.04:*:*:*:*:*:*:*", | |
| "match_criteria_id": "42DA6BCE-7F17-4426-B514-3D50C764F4C0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.05:*:*:*:*:*:*:*", | |
| "match_criteria_id": "032862E6-F4CB-4E0E-93CA-0663E8536A1E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0EC43E6B-2DA9-496E-BAD2-04FF4C3A53FA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.11:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9FF31403-56FE-48D4-A93C-91B4DC89489B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.12:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CB5A240D-CA4D-4929-BA60-DBE621A4E6F9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.14:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6BE1A094-2760-49CA-84A8-84B19BE2BE59" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*", | |
| "match_criteria_id": "04C4B45D-A0AC-42B3-99D7-91F7B8D15B69" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*", | |
| "match_criteria_id": "ED822CDF-C94B-4A16-BEEB-FECE51CBB744" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B52A1ECA-44CC-4DDE-B1AD-25AE27605317" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3E7D5D6F-8FDB-4AC2-A4D9-16E632AC8EAC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A4FEC2B4-BD68-428E-91BC-BC85F72E3BE8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*", | |
| "match_criteria_id": "23EEBB47-2495-4FDB-9A55-415DA69392E8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D4A8E154-32CC-4665-82A0-1DE7A51B2435" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4B594190-DF8F-45AE-8579-BD7B4568606F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BD2D8712-4DF9-4A73-93A7-7719C3502E18" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2D9DF054-4CBF-4BA7-9A42-5627DC4B6A68" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B13E6533-BEB9-4082-9063-7E3CCBF4C36C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*", | |
| "match_criteria_id": "879B9641-3245-4CF7-912A-FD21372F46F4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A91CA841-BBCA-4EF9-BC00-478A18797941" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EEA3F58C-3EF2-48B9-9171-7EFE72B1A3DD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*", | |
| "match_criteria_id": "AFB37C45-54E7-4E91-8E6D-0A3E764E1702" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*", | |
| "match_criteria_id": "31CBE3C0-4918-4FA6-B1E7-6336913EF8D6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FC45BCE0-F190-4050-8B3B-869D0C1033AE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6FD0E5A4-3FCB-46C1-A709-CA15D96FA9B0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D3335C80-97AE-42DB-B125-0D3FA57D8317" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0F83560A-BDD7-456D-846C-D1DAF5C9DA64" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*", | |
| "match_criteria_id": "22B9FD06-13E3-47CA-AB67-691DC3A9C330" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EE2A81F2-3E53-4A31-BCC6-BDC0E1B62CC8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2A03C071-87BF-4D5E-ABED-472ABAEFAC71" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D1D96C53-989C-42C8-9E71-A206B78ED55A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*", | |
| "match_criteria_id": "30190EAB-7140-4E0A-B7A5-8FA8BD0749C9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E0BD63C5-C916-4D7D-AE81-7B9676FC0951" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CCD8FE2F-8D53-407A-BB83-EB7725456D71" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*", | |
| "match_criteria_id": "162F5CB4-1931-4236-8519-DD63A98BCEE0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9EF06704-E078-42FA-89DA-7BCA169D0E5B" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2010-4345", | |
| "published": "2010-12-14T16:00:04.257000", | |
| "last_modified": "2023-02-13T04:28:35.910000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Exim v4.72 y anteriores permiten a usuarios locales ganar privilegios potenciando la habilidad especificar un archivo de cuenta de usuario con una configuraci\u00f3n alternativa mediante una directiva que contenga comandos de su elecci\u00f3n, como se demostr\u00f3 con la directiva spool_directory." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://bugs.exim.org/show_bug.cgi?id=1044", | |
| "source": "secalert@redhat.com", | |
| "tags": [ | |
| "Patch" | |
| ] | |
| }, | |
| { | |
| "url": "http://lists.exim.org/lurker/message/20101209.172233.abcba158.en.html", | |
| "source": "secalert@redhat.com", | |
| "tags": [ | |
| "Patch" | |
| ] | |
| }, | |
| { | |
| "url": "http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://openwall.com/lists/oss-security/2010/12/10/1", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.cpanel.net/2010/12/critical-exim-security-update.html", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.debian.org/security/2010/dsa-2131", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.debian.org/security/2011/dsa-2154", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html", | |
| "source": "secalert@redhat.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.kb.cert.org/vuls/id/758489", | |
| "source": "secalert@redhat.com", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.redhat.com/support/errata/RHSA-2011-0153.html", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/archive/1/515172/100/0/threaded", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/45341", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.securitytracker.com/id?1024859", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.ubuntu.com/usn/USN-1060-1", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/3171", | |
| "source": "secalert@redhat.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2010/3204", | |
| "source": "secalert@redhat.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2011/0135", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2011/0245", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2011/0364", | |
| "source": "secalert@redhat.com" | |
| }, | |
| { | |
| "url": "https://bugzilla.redhat.com/show_bug.cgi?id=662012", | |
| "source": "secalert@redhat.com", | |
| "tags": [ | |
| "Patch" | |
| ] | |
| } | |
| ], | |
| "source_identifier": "secalert@redhat.com", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-03-25", | |
| "cisa_action_due": "2022-04-15", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Exim Privilege Escalation Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:L/AC:M/Au:N/C:C/I:C/A:C", | |
| "base_score": 6.9, | |
| "access_vector": "LOCAL", | |
| "access_complexity": "MEDIUM", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "MEDIUM", | |
| "exploitability_score": 3.4, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-264" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "91805B65-DDF2-4888-8F81-011F8D78B558", | |
| "version_end_including": "4.72" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:2.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DCB4B1A4-A631-4D25-B7F1-C180098E86AD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:2.11:*:*:*:*:*:*:*", | |
| "match_criteria_id": "AE701510-2879-4C78-8C1D-151D5C527B4B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:2.12:*:*:*:*:*:*:*", | |
| "match_criteria_id": "00FEC5EC-EE91-4702-BD9D-4023243AA7C9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.00:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CB2BAB64-3A0B-4B8D-8C9A-726435218123" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.01:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7BAF74CC-9C39-4FB6-94B5-26865A8BBA5F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.02:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5F3BC841-2C51-4CBD-B666-FCB531F43AC4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.03:*:*:*:*:*:*:*", | |
| "match_criteria_id": "69C84D14-E466-4FD3-B79C-D227AD178E4C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3B5B15C1-3D3E-4875-AD4A-69798309DB3F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.11:*:*:*:*:*:*:*", | |
| "match_criteria_id": "64368CD7-9F8C-4D33-98B5-2F429A1F77DF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.12:*:*:*:*:*:*:*", | |
| "match_criteria_id": "40751F4F-46A3-4047-8532-CBEF2328D99C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.13:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C38566A6-B0A0-4228-A038-04817FFD543F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.14:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D1432D82-EA09-4C8B-A82D-BA41E14D3FE9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.15:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0E5C3CA8-00BF-4A35-AA5B-45D21CC2F965" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.16:*:*:*:*:*:*:*", | |
| "match_criteria_id": "90E35B41-4048-43AD-8DF0-7B4088869A88" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.20:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3114B51A-E651-4095-B817-0978673FDE6F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.21:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D6A6FC30-6AF0-4382-95B0-1672929F8150" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.22:*:*:*:*:*:*:*", | |
| "match_criteria_id": "97A2321F-017F-4D7F-A27A-22725912ABA3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.30:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A2187D70-7ADA-401E-B03E-E1A92D9CDD59" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.31:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C8639E64-721A-4155-B775-CD3F775356F1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.32:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DA92BC83-33D0-4387-8C93-F2F0754E227A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.33:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F7E7B583-CB1D-43FE-A05C-4B31F64FD6A6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.34:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A35D9EF0-0267-4092-BC67-4C4B842B8ABF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.35:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5FE35F22-5B61-45A4-B8A2-67B8E792D58C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:3.36:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BC707056-63FC-4E61-A9A3-F89FE0E490E8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.00:*:*:*:*:*:*:*", | |
| "match_criteria_id": "92A7C49F-8826-47A5-BA9E-28472DFC5EFB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.01:*:*:*:*:*:*:*", | |
| "match_criteria_id": "52B3A794-43C7-4071-8E5A-EA209903165F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.02:*:*:*:*:*:*:*", | |
| "match_criteria_id": "84DBC4E0-608F-40AA-AE30-D40D72F9BED4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.03:*:*:*:*:*:*:*", | |
| "match_criteria_id": "71998344-4AC0-473F-980C-D8D0077E19A3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.04:*:*:*:*:*:*:*", | |
| "match_criteria_id": "42DA6BCE-7F17-4426-B514-3D50C764F4C0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.05:*:*:*:*:*:*:*", | |
| "match_criteria_id": "032862E6-F4CB-4E0E-93CA-0663E8536A1E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0EC43E6B-2DA9-496E-BAD2-04FF4C3A53FA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.11:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9FF31403-56FE-48D4-A93C-91B4DC89489B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.12:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CB5A240D-CA4D-4929-BA60-DBE621A4E6F9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.14:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6BE1A094-2760-49CA-84A8-84B19BE2BE59" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*", | |
| "match_criteria_id": "04C4B45D-A0AC-42B3-99D7-91F7B8D15B69" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*", | |
| "match_criteria_id": "ED822CDF-C94B-4A16-BEEB-FECE51CBB744" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B52A1ECA-44CC-4DDE-B1AD-25AE27605317" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3E7D5D6F-8FDB-4AC2-A4D9-16E632AC8EAC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A4FEC2B4-BD68-428E-91BC-BC85F72E3BE8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*", | |
| "match_criteria_id": "23EEBB47-2495-4FDB-9A55-415DA69392E8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D4A8E154-32CC-4665-82A0-1DE7A51B2435" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4B594190-DF8F-45AE-8579-BD7B4568606F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BD2D8712-4DF9-4A73-93A7-7719C3502E18" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2D9DF054-4CBF-4BA7-9A42-5627DC4B6A68" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B13E6533-BEB9-4082-9063-7E3CCBF4C36C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*", | |
| "match_criteria_id": "879B9641-3245-4CF7-912A-FD21372F46F4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A91CA841-BBCA-4EF9-BC00-478A18797941" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EEA3F58C-3EF2-48B9-9171-7EFE72B1A3DD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*", | |
| "match_criteria_id": "AFB37C45-54E7-4E91-8E6D-0A3E764E1702" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*", | |
| "match_criteria_id": "31CBE3C0-4918-4FA6-B1E7-6336913EF8D6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FC45BCE0-F190-4050-8B3B-869D0C1033AE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6FD0E5A4-3FCB-46C1-A709-CA15D96FA9B0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D3335C80-97AE-42DB-B125-0D3FA57D8317" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0F83560A-BDD7-456D-846C-D1DAF5C9DA64" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*", | |
| "match_criteria_id": "22B9FD06-13E3-47CA-AB67-691DC3A9C330" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EE2A81F2-3E53-4A31-BCC6-BDC0E1B62CC8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2A03C071-87BF-4D5E-ABED-472ABAEFAC71" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D1D96C53-989C-42C8-9E71-A206B78ED55A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*", | |
| "match_criteria_id": "30190EAB-7140-4E0A-B7A5-8FA8BD0749C9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E0BD63C5-C916-4D7D-AE81-7B9676FC0951" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CCD8FE2F-8D53-407A-BB83-EB7725456D71" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*", | |
| "match_criteria_id": "162F5CB4-1931-4236-8519-DD63A98BCEE0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9EF06704-E078-42FA-89DA-7BCA169D0E5B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B8F2CB6E-1ED1-4E56-9532-30D2BA6A53DD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*", | |
| "match_criteria_id": "452E9C94-B7FF-40A9-A7F9-FC38824F6135" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A8EB3709-D51F-46D1-99B8-CFB4C2275077" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2011-0609", | |
| "published": "2011-03-15T17:55:03.827000", | |
| "last_modified": "2018-10-30T16:26:24.687000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Vulnerabilidad sin especificar en Adobe Flash Player 10.2.154.13 y versiones anteriores en Windows, Mac OS X, Linux y Solaris, y 10.1.106.16 y anteriores en Android, y Authplay.dll (AuthPlayLib.bundle) de Adobe Reader y Acrobat 9.x hasta 9.4.2 y 10.x hasta 10.0.1 en Windows y Mac OS X. Permite a atacantes remotos ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de contenido Flash modificado, como se ha demostrado con un fichero .swf embebido en una hoja de c\u00e1lculo Excel. Se ha explotado en Internet en Marzo del 2011." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://blogs.adobe.com/asset/2011/03/background-on-apsa11-01-patch-schedule.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates_15.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://securityreason.com/securityalert/8152", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/advisories/apsa11-01.html", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/bulletins/apsb11-06.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.kb.cert.org/vuls/id/192052", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.redhat.com/support/errata/RHSA-2011-0372.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/46860", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.securitytracker.com/id?1025210", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.securitytracker.com/id?1025211", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.securitytracker.com/id?1025238", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2011/0655", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2011/0656", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2011/0688", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2011/0732", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66078", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14147", | |
| "source": "psirt@adobe.com" | |
| } | |
| ], | |
| "source_identifier": "psirt@adobe.com", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-06-08", | |
| "cisa_action_due": "2022-06-22", | |
| "cisa_required_action": "The impacted product is end-of-life and should be disconnected if still in use.", | |
| "cisa_vulnerability_name": "Adobe Flash Player Unspecified Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C", | |
| "base_score": 9.3, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "MEDIUM", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 8.6, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": true | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "NVD-CWE-noinfo" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9CE70003-27CE-4189-8F09-E8E25168BDC2", | |
| "version_end_including": "10.2.154.13" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:6.0.21.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7143E94B-F3CD-4E32-A7BB-C72C816EEACA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4654752C-F677-4066-8C48-BAD09392A594" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DDFF4A51-C936-4C5B-8276-FD454C9E4F40" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D5ECC9D7-3386-4FEA-9218-91E31FF90F3A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.14.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6E81EA32-9621-4ACE-9191-2E9B8C24D500" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.19.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3B0E10D6-6348-471B-918A-60AAE2AC5F86" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.24.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F7FBE855-7EE3-46F2-9FA1-0366AC8C5D24" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F0E93289-6EE0-401A-958D-F59D2CDAE2F1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.53.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A67FC00F-0C85-4DD7-81EA-65533EABC767" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.60.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "14E67AD7-0791-4D5D-A3B2-E173088B5228" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.61.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EAF07696-9C85-470E-B608-1B0193CAFB6D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0FA3E556-BF8F-4D30-8DE5-09DA3FD8D5C3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.66.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C0DC1B9D-686D-46A3-B9F4-DD4E078DF74D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.67.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4BC3ABBA-8B36-448D-883B-C675C202028A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.68.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EF2A52D9-0A1C-4E53-AFA2-148FF03D23A3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A82D5B56-44E0-4120-B73E-0A1155AF4B05" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8E895107-ED8A-4F88-87C3-935EAE299C01" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.73.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1752F67C-75A9-4226-AB30-A94EB6C85526" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4007D621-A0BC-4927-82A7-10D73802BCF8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "641776AE-5408-439E-8290-DD9324771874" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "138A932A-D775-46A2-86EC-3C03C96884C4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D12E3957-D7B2-4F3B-BB64-8B50B8958DEF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:8.0.22.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C0C5537E-3153-400D-9F9B-91E7F1218C8A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "32912721-F750-4C20-B999-E728F7D3A85D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:8.0.33.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6693B1C4-B2A9-4725-AD0E-A266B9DF55AB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A95FA639-346C-491C-81A8-6C2A7B01AA19" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C9F1E5AB-DEFA-42FC-A299-C8EEB778F9C6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FC7DD938-F963-4E03-B66B-F00436E4EA9D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:8.0.42.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "351825F4-227D-4743-A74B-EAFC1034500B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B2A0777F-22C2-4FD5-BE81-8982BE6874D2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F35F86B6-D49A-40F4-BFFA-5D6BBA2F7D8B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*", | |
| "match_criteria_id": "600DDA9D-6440-48D1-8539-7127398A8678" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B4D5E27C-F6BF-4F84-9B83-6AEC98B4AA14" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "934A869D-D58D-4C36-B86E-013F62790585" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*", | |
| "match_criteria_id": "ACFA6611-99DA-48B0-89F7-DD99B8E30334" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "59AF804B-BD7A-4AD7-AD44-B5D980443B8B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F5D52F86-2E38-4C66-9939-7603367B8D0E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0557AA2A-FA3A-460A-8F03-DC74B149CA3D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2FC04ABF-6191-4AA5-90B2-E7A97E6C6005" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F22F1B02-CCF5-4770-A79B-1F58CA4321CE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "93957171-F1F4-43ED-A8B9-2D36C81EB1F9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7AE89894-E492-4380-8A2B-4CDD3A15667A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1C6ED706-BAF2-4795-B597-6F7EE8CA8911" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "260E2CF6-4D15-4168-A933-3EC52D8F93FF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D50BF190-2629-49A8-A377-4723C93FFB3E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9E59E2AD-38BB-46DF-AC0D-D36F1F259AD4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DD04F04C-30CE-4A8D-B254-B10DEF62CEEE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "96DC7742-499D-4BF5-9C5B-FCFF912A9892" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.155.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BDD0A103-6D00-4D3D-9570-2DF74B6FE294" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "33AC4365-576C-487A-89C5-197A26D416C4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "84B367AC-E1E1-4BC5-8BF4-D5B517C0CA7C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A0A9C054-1F82-41DD-BE13-2B71B6F87F22" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.262.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7CB0781E-D5B5-4576-ABD4-0EE1C0C3DF12" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.277.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7AE15288-9344-41ED-B574-6DC4A4DDE386" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.283.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "84963C1D-06C1-4FBF-A3B8-EB14D2EB43DB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.125.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FE848097-01E6-4C9B-9593-282D55CC77D9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*", | |
| "match_criteria_id": "08E4028B-72E7-4E4A-AD0F-645F5AACAA29" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "63313ADA-3C52-47C8-9745-6BF6AEF0F6AD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BA646396-7C10-45A0-89A9-C75C5D8AFB3E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "476BB487-150A-4482-8C84-E6A2995A97E1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3555324F-40F8-4BF4-BE5F-52A1E22B3AFA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*", | |
| "match_criteria_id": "60540FDE-8C31-4679-A85E-614B1EFE1FF0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:*", | |
| "match_criteria_id": "AE652520-B693-47F1-A342-621C149A7430" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.45.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D0EC3272-8E1E-4415-A254-BB6C7FB49BEC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.52.14.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0CF5AF16-A4F2-4E65-ADA8-DE11BE1F198D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.52.15:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F7DF88E7-1A67-447C-BCF8-5C5564002207" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.53.64:*:*:*:*:*:*:*", | |
| "match_criteria_id": "460A0D6C-3A06-4910-B1E5-375E12F64F6E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.82.76:*:*:*:*:*:*:*", | |
| "match_criteria_id": "950D8316-8117-4C09-A2A9-B34191957D32" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.85.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A5484DE8-3CB1-4591-BF30-0D5E255034E0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*", | |
| "match_criteria_id": "02EBACEB-1266-4A2C-A47E-066D12EE5B96" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CA86C5B3-1FC9-4585-9566-862A0318AF2F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.95.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CCC09395-A9C7-4D7F-9B55-3120A84CB427" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3C2A6BBE-6033-4EF2-B890-9BD8867CC65A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.102.64:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F3ACD1B2-F952-46C8-989A-C4744E16D5E6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.2.152:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E91594E8-5320-4B6A-A4D8-17BBF211A96E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.2.152.32:*:*:*:*:*:*:*", | |
| "match_criteria_id": "110ED819-CFFD-4DA6-BE13-08CDEFD17ADF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.2.152.33:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C3FD4968-B784-40D5-A09C-51F303A4C8C4" | |
| } | |
| ], | |
| "negate": false | |
| }, | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574" | |
| }, | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "155AD4FB-E527-4103-BCEF-801B653DEA37" | |
| }, | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256" | |
| }, | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:oracle:solaris:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "05924C67-F9A0-450E-A5B8-059651DD32E3" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ], | |
| "operator": "AND" | |
| }, | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E6F057DF-F6F8-4D20-B32C-930CD93347C6", | |
| "version_end_including": "10.1.106.16" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*", | |
| "match_criteria_id": "02EBACEB-1266-4A2C-A47E-066D12EE5B96" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CA86C5B3-1FC9-4585-9566-862A0318AF2F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3C2A6BBE-6033-4EF2-B890-9BD8867CC65A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.105.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "33B7290A-8A7E-496D-95C4-DADA2821859B" | |
| } | |
| ], | |
| "negate": false | |
| }, | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8255F035-04C8-4158-B301-82101711939C" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ], | |
| "operator": "AND" | |
| }, | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5AA53564-9ACD-4CFB-9AAC-A77440026A57" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C7EC46E3-77B7-4455-B3E0-A45C6B69B3DC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4F475858-DCE2-4C93-A51A-04718DF17593" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "88687272-4CD0-42A2-B727-C322ABDE3549" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1E5C4FA4-3786-47AF-BD7D-8E75927EB3AA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B35CC915-EEE3-4E86-9E09-1893C725E07B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "76201694-E5C5-4CA3-8919-46937AFDAAE3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "397AB988-1C2C-4247-9B34-806094197CB5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8FA0B8C3-8060-4685-A241-9852BD63B7A0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4AB9BBDE-634A-47CF-BA49-67382B547900" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F56B1726-4F05-4732-9D8B-077EF593EAEC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A258374F-55CB-48D2-9094-CD70E1288F60" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.4.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "627B0DA4-E600-49F1-B455-B4E151B33236" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.4.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "54BD8F96-BB75-4961-B1E0-049F2273100D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B57C5136-7853-478B-A342-6013528B41B4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:10.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CC1E1EE7-379E-4047-962D-0A311EB0DB1A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "562772F1-1627-438E-A6B8-7D1AA5536086" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "27D5AF92-A8E1-41BD-B20A-EB26BB6AD4DE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F25C9167-C6D4-4264-9197-50878EDA2D96" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DD1D7308-09E9-42B2-8836-DC2326C62A9E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B5C251D2-4C9B-4029-8BED-0FCAED3B8E89" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2432AC17-5378-4C61-A775-5172FD44EC03" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B6BA82F4-470D-4A46-89B2-D2F3C8FA31C8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "39EDED39-664F-4B68-B422-2CCCA3B83550" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B508C5CE-1386-47B3-B301-B78DBB3A75D9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DDC2EEB6-D5EC-430F-962A-1279C9970441" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8DC590C7-5BDE-4E46-9605-01E95B17F01F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DCFE67F4-6907-4967-96A3-1757EADA72BB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "41DFBB39-4BC6-48BB-B66E-99DA4C7DBCE4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A328CC7F-5D02-4C7C-82CE-139EB2689C18" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9731EFE2-A5BE-4389-A92D-DDC573633B6C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:10.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F9B4B357-27C7-4926-936C-A100A7AD538B" | |
| } | |
| ], | |
| "negate": false | |
| }, | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574" | |
| }, | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ], | |
| "operator": "AND" | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2011-0611", | |
| "published": "2011-04-13T14:55:01.217000", | |
| "last_modified": "2018-10-30T16:26:24.687000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content; as demonstrated by a Microsoft Office document with an embedded .swf file that has a size inconsistency in a \"group of included constants,\" object type confusion, ActionScript that adds custom functions to prototypes, and Date objects; and as exploited in the wild in April 2011." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Adobe Flash Player anterior a la versi\u00f3n 10.2.154.27 en Windows, Mac OS X, Linux y Solaris y 10.2.156.12 y versiones anteriores en Android; Adobe AIR anterior a versi\u00f3n 2.6.19140; y Authplay.dll (tambi\u00e9n se conoce como AuthPlayLib.bundle) en Adobe Reader versi\u00f3n 9.x anterior a 9.4.4 y versi\u00f3n 10.x hasta 10.0.1 en Windows, Adobe Reader versi\u00f3n 9.x anterior a 9.4.4 y versi\u00f3n 10.x anterior a 10.0.3 en Mac OS X y Adobe Acrobat versi\u00f3n 9.x anterior a 9.4.4 y versi\u00f3n 10.x anterior a 10.0.3 en Windows y Mac OS X permiten a los atacantes remotos ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (bloqueo de aplicaci\u00f3n) por medio del contenido Flash creado; como lo demuestra un documento de Microsoft Office con un archivo.swf insertado que tiene una inconsistencia de tama\u00f1o en un \"group of included constants\", objeto de type confusion, ActionScript que agrega funciones personalizadas a los prototipos y date objects; y como explotados en la naturaleza en abril de 2011." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://blogs.technet.com/b/mmpc/archive/2011/04/12/analysis-of-the-cve-2011-0611-adobe-flash-player-vulnerability-exploitation.aspx", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://bugix-security.blogspot.com/2011/04/cve-2011-0611-adobe-flash-zero-day.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://contagiodump.blogspot.com/2011/04/apr-8-cve-2011-0611-flash-player-zero.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00004.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://securityreason.com/securityalert/8204", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://securityreason.com/securityalert/8292", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/advisories/apsa11-02.html", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/bulletins/apsb11-07.html", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/bulletins/apsb11-08.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.exploit-db.com/exploits/17175", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.kb.cert.org/vuls/id/230057", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.redhat.com/support/errata/RHSA-2011-0451.html", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/47314", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.securitytracker.com/id?1025324", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.securitytracker.com/id?1025325", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2011/0922", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2011/0923", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.vupen.com/english/advisories/2011/0924", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66681", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14175", | |
| "source": "psirt@adobe.com" | |
| } | |
| ], | |
| "source_identifier": "psirt@adobe.com", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-03-03", | |
| "cisa_action_due": "2022-03-24", | |
| "cisa_required_action": "The impacted product is end-of-life and should be disconnected if still in use.", | |
| "cisa_vulnerability_name": "Adobe Flash Player Remote Code Execution Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C", | |
| "base_score": 9.3, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "MEDIUM", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 8.6, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": true | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-119" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1296C04C-EB49-47C5-BCF8-B56D647DF47F", | |
| "version_end_including": "10.2.154.25" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:6.0.21.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7143E94B-F3CD-4E32-A7BB-C72C816EEACA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4654752C-F677-4066-8C48-BAD09392A594" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DDFF4A51-C936-4C5B-8276-FD454C9E4F40" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D5ECC9D7-3386-4FEA-9218-91E31FF90F3A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.14.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6E81EA32-9621-4ACE-9191-2E9B8C24D500" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.19.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3B0E10D6-6348-471B-918A-60AAE2AC5F86" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.24.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F7FBE855-7EE3-46F2-9FA1-0366AC8C5D24" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F0E93289-6EE0-401A-958D-F59D2CDAE2F1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.53.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A67FC00F-0C85-4DD7-81EA-65533EABC767" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.60.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "14E67AD7-0791-4D5D-A3B2-E173088B5228" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.61.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EAF07696-9C85-470E-B608-1B0193CAFB6D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0FA3E556-BF8F-4D30-8DE5-09DA3FD8D5C3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.66.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C0DC1B9D-686D-46A3-B9F4-DD4E078DF74D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.67.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4BC3ABBA-8B36-448D-883B-C675C202028A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.68.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EF2A52D9-0A1C-4E53-AFA2-148FF03D23A3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A82D5B56-44E0-4120-B73E-0A1155AF4B05" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8E895107-ED8A-4F88-87C3-935EAE299C01" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.0.73.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1752F67C-75A9-4226-AB30-A94EB6C85526" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4007D621-A0BC-4927-82A7-10D73802BCF8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "641776AE-5408-439E-8290-DD9324771874" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "138A932A-D775-46A2-86EC-3C03C96884C4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D12E3957-D7B2-4F3B-BB64-8B50B8958DEF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:8.0.22.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C0C5537E-3153-400D-9F9B-91E7F1218C8A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "32912721-F750-4C20-B999-E728F7D3A85D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:8.0.33.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6693B1C4-B2A9-4725-AD0E-A266B9DF55AB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A95FA639-346C-491C-81A8-6C2A7B01AA19" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C9F1E5AB-DEFA-42FC-A299-C8EEB778F9C6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FC7DD938-F963-4E03-B66B-F00436E4EA9D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:8.0.42.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "351825F4-227D-4743-A74B-EAFC1034500B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B2A0777F-22C2-4FD5-BE81-8982BE6874D2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F35F86B6-D49A-40F4-BFFA-5D6BBA2F7D8B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*", | |
| "match_criteria_id": "600DDA9D-6440-48D1-8539-7127398A8678" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B4D5E27C-F6BF-4F84-9B83-6AEC98B4AA14" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "934A869D-D58D-4C36-B86E-013F62790585" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*", | |
| "match_criteria_id": "ACFA6611-99DA-48B0-89F7-DD99B8E30334" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "59AF804B-BD7A-4AD7-AD44-B5D980443B8B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F5D52F86-2E38-4C66-9939-7603367B8D0E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0557AA2A-FA3A-460A-8F03-DC74B149CA3D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2FC04ABF-6191-4AA5-90B2-E7A97E6C6005" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F22F1B02-CCF5-4770-A79B-1F58CA4321CE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "93957171-F1F4-43ED-A8B9-2D36C81EB1F9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7AE89894-E492-4380-8A2B-4CDD3A15667A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1C6ED706-BAF2-4795-B597-6F7EE8CA8911" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "260E2CF6-4D15-4168-A933-3EC52D8F93FF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D50BF190-2629-49A8-A377-4723C93FFB3E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9E59E2AD-38BB-46DF-AC0D-D36F1F259AD4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DD04F04C-30CE-4A8D-B254-B10DEF62CEEE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "96DC7742-499D-4BF5-9C5B-FCFF912A9892" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.155.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BDD0A103-6D00-4D3D-9570-2DF74B6FE294" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "33AC4365-576C-487A-89C5-197A26D416C4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "84B367AC-E1E1-4BC5-8BF4-D5B517C0CA7C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A0A9C054-1F82-41DD-BE13-2B71B6F87F22" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.262.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7CB0781E-D5B5-4576-ABD4-0EE1C0C3DF12" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.277.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7AE15288-9344-41ED-B574-6DC4A4DDE386" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.0.283.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "84963C1D-06C1-4FBF-A3B8-EB14D2EB43DB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:9.125.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FE848097-01E6-4C9B-9593-282D55CC77D9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*", | |
| "match_criteria_id": "08E4028B-72E7-4E4A-AD0F-645F5AACAA29" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "63313ADA-3C52-47C8-9745-6BF6AEF0F6AD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BA646396-7C10-45A0-89A9-C75C5D8AFB3E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "476BB487-150A-4482-8C84-E6A2995A97E1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3555324F-40F8-4BF4-BE5F-52A1E22B3AFA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*", | |
| "match_criteria_id": "60540FDE-8C31-4679-A85E-614B1EFE1FF0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:*", | |
| "match_criteria_id": "AE652520-B693-47F1-A342-621C149A7430" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.0.45.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D0EC3272-8E1E-4415-A254-BB6C7FB49BEC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.52.14.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0CF5AF16-A4F2-4E65-ADA8-DE11BE1F198D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.52.15:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F7DF88E7-1A67-447C-BCF8-5C5564002207" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.53.64:*:*:*:*:*:*:*", | |
| "match_criteria_id": "460A0D6C-3A06-4910-B1E5-375E12F64F6E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.82.76:*:*:*:*:*:*:*", | |
| "match_criteria_id": "950D8316-8117-4C09-A2A9-B34191957D32" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.85.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A5484DE8-3CB1-4591-BF30-0D5E255034E0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*", | |
| "match_criteria_id": "02EBACEB-1266-4A2C-A47E-066D12EE5B96" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CA86C5B3-1FC9-4585-9566-862A0318AF2F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.95.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CCC09395-A9C7-4D7F-9B55-3120A84CB427" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3C2A6BBE-6033-4EF2-B890-9BD8867CC65A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.102.64:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F3ACD1B2-F952-46C8-989A-C4744E16D5E6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.2.152:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E91594E8-5320-4B6A-A4D8-17BBF211A96E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.2.152.32:*:*:*:*:*:*:*", | |
| "match_criteria_id": "110ED819-CFFD-4DA6-BE13-08CDEFD17ADF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.2.152.33:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C3FD4968-B784-40D5-A09C-51F303A4C8C4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.2.154.13:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D8314735-FF59-48CF-898B-95967B2856DB" | |
| } | |
| ], | |
| "negate": false | |
| }, | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574" | |
| }, | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "155AD4FB-E527-4103-BCEF-801B653DEA37" | |
| }, | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256" | |
| }, | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:oracle:solaris:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "05924C67-F9A0-450E-A5B8-059651DD32E3" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ], | |
| "operator": "AND" | |
| }, | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "46059035-6EA4-4D6F-800C-CEB9D394B933", | |
| "version_end_including": "10.2.156.12" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*", | |
| "match_criteria_id": "02EBACEB-1266-4A2C-A47E-066D12EE5B96" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CA86C5B3-1FC9-4585-9566-862A0318AF2F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3C2A6BBE-6033-4EF2-B890-9BD8867CC65A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.105.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "33B7290A-8A7E-496D-95C4-DADA2821859B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:10.1.106.16:*:*:*:*:*:*:*", | |
| "match_criteria_id": "05D97485-2C56-4B63-B105-BDB44E853210" | |
| } | |
| ], | |
| "negate": false | |
| }, | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8255F035-04C8-4158-B301-82101711939C" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ], | |
| "operator": "AND" | |
| }, | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5AA53564-9ACD-4CFB-9AAC-A77440026A57" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C7EC46E3-77B7-4455-B3E0-A45C6B69B3DC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4F475858-DCE2-4C93-A51A-04718DF17593" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "88687272-4CD0-42A2-B727-C322ABDE3549" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1E5C4FA4-3786-47AF-BD7D-8E75927EB3AA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B35CC915-EEE3-4E86-9E09-1893C725E07B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "76201694-E5C5-4CA3-8919-46937AFDAAE3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "397AB988-1C2C-4247-9B34-806094197CB5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8FA0B8C3-8060-4685-A241-9852BD63B7A0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4AB9BBDE-634A-47CF-BA49-67382B547900" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F56B1726-4F05-4732-9D8B-077EF593EAEC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A258374F-55CB-48D2-9094-CD70E1288F60" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.4.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "627B0DA4-E600-49F1-B455-B4E151B33236" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.4.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "54BD8F96-BB75-4961-B1E0-049F2273100D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.4.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9C14B310-65F0-475D-A2DD-0AD706805A99" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B57C5136-7853-478B-A342-6013528B41B4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:10.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CC1E1EE7-379E-4047-962D-0A311EB0DB1A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:10.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C113D6BE-88CD-4670-A0FA-8E78EBAF9A81" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "562772F1-1627-438E-A6B8-7D1AA5536086" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "27D5AF92-A8E1-41BD-B20A-EB26BB6AD4DE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F25C9167-C6D4-4264-9197-50878EDA2D96" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DD1D7308-09E9-42B2-8836-DC2326C62A9E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B5C251D2-4C9B-4029-8BED-0FCAED3B8E89" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2432AC17-5378-4C61-A775-5172FD44EC03" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B6BA82F4-470D-4A46-89B2-D2F3C8FA31C8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "39EDED39-664F-4B68-B422-2CCCA3B83550" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B508C5CE-1386-47B3-B301-B78DBB3A75D9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DDC2EEB6-D5EC-430F-962A-1279C9970441" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8DC590C7-5BDE-4E46-9605-01E95B17F01F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DCFE67F4-6907-4967-96A3-1757EADA72BB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "41DFBB39-4BC6-48BB-B66E-99DA4C7DBCE4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A328CC7F-5D02-4C7C-82CE-139EB2689C18" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0F56EC75-4C65-4CD7-981D-823E1411CD6F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9731EFE2-A5BE-4389-A92D-DDC573633B6C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:10.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F9B4B357-27C7-4926-936C-A100A7AD538B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:10.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4DEE3D3B-C94C-4A85-B2C2-E4A72A88F4FD" | |
| } | |
| ], | |
| "negate": false | |
| }, | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574" | |
| }, | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ], | |
| "operator": "AND" | |
| }, | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "33ABCBAC-BFDC-4086-BD49-61D13B8CF717", | |
| "version_end_including": "2.6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:adobe_air:1.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "97F0F4B8-A8AE-4AF2-8991-36DF5478AC90" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:adobe_air:1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "51905ABB-C598-415F-9B6C-26963129352A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:adobe_air:1.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C33E3BD1-CFF8-40C5-9247-1BA5D64A0AA5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:adobe_air:1.5.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "479BCE0B-6721-4BC4-B5A3-480B69041CE6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:adobe_air:1.5.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E76E7759-50B7-4351-AC46-16B02778EDC8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:adobe_air:2.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F9EBEBFD-9535-4107-B4AB-899DD33E7B12" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:adobe_air:2.0.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9AB41166-A337-45F8-8F7B-C6FDFC7FF2E3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:adobe_air:2.0.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E61C0AF0-6D78-4B38-B319-438C6523CF08" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ], | |
| "operator": "AND" | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2011-1823", | |
| "published": "2011-06-09T10:36:27.680000", | |
| "last_modified": "2017-08-17T01:34:25.997000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "The vold volume manager daemon on Android 3.0 and 2.x before 2.3.4 trusts messages that are received from a PF_NETLINK socket, which allows local users to execute arbitrary code and gain root privileges via a negative index that bypasses a maximum-only signed integer check in the DirectVolume::handlePartitionAdded method, which triggers memory corruption, as demonstrated by Gingerbreak." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "El demonio de vold volume manager en Android versi\u00f3n 3.0 y versiones 2.x anterior a 2.3.4, conf\u00eda en los mensajes que son recibidos desde un socket PF_NETLINK, que permite a los usuarios locales ejecutar c\u00f3digo arbitrario y alcanzar privilegios de root por medio de un \u00edndice negativo que omite la comprobaci\u00f3n de un entero firmado maximum-only en el m\u00e9todo DirectVolume::handlePartitionAdded, que activa una corrupci\u00f3n de memoria, como es demostrado por Gingerbreak." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://android.git.kernel.org/?p=platform/system/core.git;a=commit;h=b620a0b1c7ae486e979826200e8e441605b0a5d6", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Patch" | |
| ] | |
| }, | |
| { | |
| "url": "http://android.git.kernel.org/?p=platform/system/netd.git;a=commit;h=79b579c92afc08ab12c0a5788d61f2dd2934836f", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Patch" | |
| ] | |
| }, | |
| { | |
| "url": "http://android.git.kernel.org/?p=platform/system/vold.git;a=commit;h=c51920c82463b240e2be0430849837d6fdc5352e", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://androidcommunity.com/gingerbreak-root-for-gingerbread-app-20110421/", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://c-skills.blogspot.com/2011/04/yummy-yummy-gingerbreak.html", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Exploit" | |
| ] | |
| }, | |
| { | |
| "url": "http://forum.xda-developers.com/showthread.php?t=1044765", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Exploit" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.androidpolice.com/2011/05/03/google-patches-gingerbreak-exploit-but-dont-worry-we-still-have-root-for-now/", | |
| "source": "cve@mitre.org" | |
| }, | |
| { | |
| "url": "http://xorl.wordpress.com/2011/04/28/android-vold-mpartminors-signedness-issue/", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Exploit" | |
| ] | |
| }, | |
| { | |
| "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67977", | |
| "source": "cve@mitre.org" | |
| } | |
| ], | |
| "source_identifier": "cve@mitre.org", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-09-08", | |
| "cisa_action_due": "2022-09-29", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Android OS Privilege Escalation Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:L/AC:L/Au:N/C:C/I:C/A:C", | |
| "base_score": 7.2, | |
| "access_vector": "LOCAL", | |
| "access_complexity": "LOW", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 3.9, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": true, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-189" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:google:android:2.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A33DBF65-09A6-4149-BABE-2FFFBF10C31D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:google:android:2.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "78B69434-13B2-4A43-AEB0-55E0ED403E54" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:google:android:2.2:rev1:*:*:*:*:*:*", | |
| "match_criteria_id": "D1755B91-1B6B-4A9E-BB6B-22B399A6DD02" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:google:android:2.2.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1A92E88F-CCED-41D7-AFB7-CE1F9265E546" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:google:android:2.2.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "D13D3A00-27A0-4635-9D50-05CA81950691" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:google:android:2.2.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4EB959DB-AFE7-4667-9662-949ADAB81CE3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:google:android:2.3:rev1:*:*:*:*:*:*", | |
| "match_criteria_id": "61D64B87-F1F1-4E52-86AE-F28E2C43A9A8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:google:android:2.3.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "83AB2497-59DE-4253-A758-A3D03FAEB913" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:google:android:2.3.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6E197EC0-82DF-49D5-BD1A-7EA22EC0B806" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:google:android:2.3.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "286EED24-E011-4009-BC2E-B63CA06072CE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:google:android:3.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6997F035-D2F5-4174-B979-5D42FF69D9AC" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2011-1889", | |
| "published": "2011-06-16T20:55:02.543000", | |
| "last_modified": "2018-10-12T22:01:05.957000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "The NSPLookupServiceNext function in the client in Microsoft Forefront Threat Management Gateway (TMG) 2010 allows remote attackers to execute arbitrary code via vectors involving unspecified requests, aka \"TMG Firewall Client Memory Corruption Vulnerability.\"" | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "La funci\u00f3n NSPLookupServiceNext en el cliente de Microsoft Forefront Threat Management Gateway (TMG) 2010 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores que implican peticiones no especificadas, tambi\u00e9n conocido como \"Vulnerabilidad de corrupci\u00f3n de memoria en el cliente de Firewall TMG.\"" | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://www.securityfocus.com/bid/48181", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "http://www.securitytracker.com/id?1025637", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-040", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67736", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12642", | |
| "source": "secure@microsoft.com" | |
| } | |
| ], | |
| "source_identifier": "secure@microsoft.com", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-03-03", | |
| "cisa_action_due": "2022-03-24", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Microsoft Forefront TMG Remote Code Execution Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C", | |
| "base_score": 10.0, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "LOW", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 10.0, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-119" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:microsoft:forefront_threat_management_gateway:2010:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CD81943D-005B-4F0B-83BC-C5C84E85BF36" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2011-2005", | |
| "published": "2011-10-12T02:52:43.910000", | |
| "last_modified": "2019-02-26T14:04:00.993000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka \"Ancillary Function Driver Elevation of Privilege Vulnerability.\"" | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "afd.sys en el controlador de funci\u00f3n auxiliar de Microsoft Windows XP SP2 y SP3 y Server 2003 SP2 no valida correctamente la entrada de datos que se le pasa en modo de usuario una vez en modo kernel, lo que permite a usuarios locales conseguir privilegios a trav\u00e9s de una aplicaci\u00f3n espec\u00edficamente creada para este fin. Tambi\u00e9n conocida como \"Vulnerabilidad de elevaci\u00f3n de privilegios del controlador de funci\u00f3n auxiliar\"." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-080", | |
| "source": "secure@microsoft.com" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13114", | |
| "source": "secure@microsoft.com" | |
| } | |
| ], | |
| "source_identifier": "secure@microsoft.com", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-03-28", | |
| "cisa_action_due": "2022-04-18", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Microsoft Ancillary Function Driver (afd.sys) Improper Input Validation Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:L/AC:L/Au:N/C:C/I:C/A:C", | |
| "base_score": 7.2, | |
| "access_vector": "LOCAL", | |
| "access_complexity": "LOW", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 3.9, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-264" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", | |
| "match_criteria_id": "2978BF86-5A1A-438E-B81F-F360D0E30C9C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", | |
| "match_criteria_id": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", | |
| "match_criteria_id": "CE477A73-4EE4-41E9-8694-5A3D5DC88656" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", | |
| "match_criteria_id": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2011-3544", | |
| "published": "2011-10-19T21:55:01.097000", | |
| "last_modified": "2018-01-06T02:29:19.410000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Vulnerabilidad no especificada en el componente de Java Runtime Environment en Oracle Java SE JDK y JRE v7 y v6 Update 27 y anteriores permite a aplicaciones remotas Java Web Start y applets Java no confiables afectar a la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con secuencias de comandos." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://marc.info/?l=bugtraq&m=132750579901589&w=2", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://secunia.com/advisories/48308", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://www.ibm.com/developerworks/java/jdk/alerts/", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", | |
| "source": "secalert_us@oracle.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://www.securityfocus.com/bid/50218", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://www.securitytracker.com/id?1026215", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "http://www.ubuntu.com/usn/USN-1263-1", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70849", | |
| "source": "secalert_us@oracle.com" | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947", | |
| "source": "secalert_us@oracle.com" | |
| } | |
| ], | |
| "source_identifier": "secalert_us@oracle.com", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-03-03", | |
| "cisa_action_due": "2022-03-24", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C", | |
| "base_score": 10.0, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "LOW", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 10.0, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "NVD-CWE-noinfo" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.7.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "893B13BC-9448-4AFD-BCC4-F289A523949B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.7.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DD3FC81B-4E54-44D8-8118-1E256FE619E2" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| }, | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:*:update_27:*:*:*:*:*:*", | |
| "match_criteria_id": "9F67F2BE-367C-4700-AE28-DA082325FF9D", | |
| "version_end_including": "1.6.0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A3A4FEC7-A4A0-4B5C-A56C-8F80AE19865E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*", | |
| "match_criteria_id": "722A93D8-B5BC-42F3-92A2-E424F61269A8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*", | |
| "match_criteria_id": "775F2611-F11C-4B84-8F40-0D034B81BF18" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*", | |
| "match_criteria_id": "F20FDD9F-FF45-48BC-9207-54FB02E76071" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*", | |
| "match_criteria_id": "9FA326F5-894A-4B01-BCA3-B126DA81CA59" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*", | |
| "match_criteria_id": "228AB7B4-4BA4-43D4-B562-D438884DB152" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*", | |
| "match_criteria_id": "AFD5C688-2103-4D60-979E-D9BE69A989C3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*", | |
| "match_criteria_id": "21421215-F722-4207-A2E5-E2DF4B29859B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*", | |
| "match_criteria_id": "BFB9EA23-0EF7-4582-A265-3F5AA9EC81B0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*", | |
| "match_criteria_id": "C367B418-659E-4627-B1F1-1B1216C99055" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*", | |
| "match_criteria_id": "CD5E6D4E-DDDD-4B45-B5E9-F8A916287AF9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*", | |
| "match_criteria_id": "7358492A-491C-491E-AEDF-63CB82619BAA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*", | |
| "match_criteria_id": "C3DACAAF-AFDC-4391-9E85-344F30937F76" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_22:*:*:*:*:*:*", | |
| "match_criteria_id": "ECEDE405-CEF6-4E52-A8AE-28B9274B2289" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_23:*:*:*:*:*:*", | |
| "match_criteria_id": "B5559C2B-9A93-4EFC-BE31-32C9ADD4D5F8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_24:*:*:*:*:*:*", | |
| "match_criteria_id": "029E1F1D-2A77-4258-9D4F-6D31E827DF5B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_25:*:*:*:*:*:*", | |
| "match_criteria_id": "0D2F2BE2-3022-4DC9-8505-F597F8CE1192" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_26:*:*:*:*:*:*", | |
| "match_criteria_id": "A44CCE27-EE9F-4A66-B65A-24D015CE2764" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*", | |
| "match_criteria_id": "D98175BF-B084-4FA5-899D-9E80DC3923EE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*", | |
| "match_criteria_id": "820632CE-F8DF-47EE-B716-7530E60008B7" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*", | |
| "match_criteria_id": "FA2BD0A3-7B2D-447B-ABAC-7B867B03B632" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*", | |
| "match_criteria_id": "D54AB785-E9B7-47BD-B756-0C3A629D67DD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*", | |
| "match_criteria_id": "E9412098-0353-4F7B-9245-010557E6C651" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*", | |
| "match_criteria_id": "AD30DAEB-4893-41CF-A455-B69C463B9337" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*", | |
| "match_criteria_id": "B8F93BBE-1E8C-4EB3-BCC7-20AB2D813F98" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:*:update_27:*:*:*:*:*:*", | |
| "match_criteria_id": "3FB18875-CC4B-49AC-B038-44824BECBB7E", | |
| "version_end_including": "1.6.0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CBCD143C-057D-4F42-B487-46801E14ACF7" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*", | |
| "match_criteria_id": "09027C19-D442-446F-B7A8-21DB6787CF43" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*", | |
| "match_criteria_id": "0A0FEC28-0707-4F42-9740-78F3D2D551EE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*", | |
| "match_criteria_id": "C3C5879A-A608-4230-9DC1-C27F0F48A13B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*", | |
| "match_criteria_id": "0C71089A-BDDE-41FC-9DF9-9AEF4C2374DF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*", | |
| "match_criteria_id": "2DBB6B73-8D6B-41FF-BEE0-E0C7F5F1EB41" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*", | |
| "match_criteria_id": "12A3B254-8580-45DB-BDE4-5B5A29CBFFB3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*", | |
| "match_criteria_id": "1DB1DE6A-66AE-499B-AD92-9E6ACE474C6D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*", | |
| "match_criteria_id": "AADBB4F9-E43E-428B-9979-F47A15696C85" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*", | |
| "match_criteria_id": "49260B94-05DE-4B78-9068-6F5F6BFDD19E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*", | |
| "match_criteria_id": "C4FDE9EB-08FE-436E-A265-30E83B15DB23" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*", | |
| "match_criteria_id": "BE409D5C-8F9F-4DE9-ACB7-0E0B813F6399" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*", | |
| "match_criteria_id": "7158D2C0-E9AC-4CD6-B777-EA7B7A181997" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*", | |
| "match_criteria_id": "B08C075B-9FC0-4381-A9E4-FFF0362BD308" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*", | |
| "match_criteria_id": "F587E635-3A15-4186-B6A1-F99BE0A56820" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_22:*:*:*:*:*:*", | |
| "match_criteria_id": "188D2242-7D16-4F8E-AB61-4663804AAC17" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_23:*:*:*:*:*:*", | |
| "match_criteria_id": "40271AA6-B0E7-461D-8903-414FE4E7109D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_24:*:*:*:*:*:*", | |
| "match_criteria_id": "2231339D-4DF9-43CA-BC63-BD1EE1C17759" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_25:*:*:*:*:*:*", | |
| "match_criteria_id": "A67ACAEB-D1B4-42C7-BEEC-8B5D8AFEBCB1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_26:*:*:*:*:*:*", | |
| "match_criteria_id": "342D28DD-2AF4-489F-BAC7-29745C153726" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*", | |
| "match_criteria_id": "90EC6C13-4B37-48E5-8199-A702A944D5A6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*", | |
| "match_criteria_id": "2528152C-E20A-4D97-931C-A5EC3CEAA06D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*", | |
| "match_criteria_id": "A99DAB4C-272B-4C91-BC70-7729E1152590" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*", | |
| "match_criteria_id": "30DFC10A-A4D9-4F89-B17C-AB9260087D29" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*", | |
| "match_criteria_id": "272A5C44-18EC-41A9-8233-E9D4D0734EA6" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2011-2462", | |
| "published": "2011-12-07T19:55:01.673000", | |
| "last_modified": "2017-09-19T01:33:04.537000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Vulnerabilidad no especificada en el componente de U3D en Adobe Reader y Acrobat v10.1.1 y versiones anteriores para Windows y Mac OS X, y Adobe Reader v9.x hasta v9.4.6 en UNIX, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores desconocidos, explotado \"in the wild\" en diciembre de 2011." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00019.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00020.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/advisories/apsa11-04.html", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/bulletins/apsb11-30.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.redhat.com/support/errata/RHSA-2012-0011.html", | |
| "source": "psirt@adobe.com" | |
| }, | |
| { | |
| "url": "http://www.us-cert.gov/cas/techalerts/TA11-350A.html", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "US Government Resource" | |
| ] | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14562", | |
| "source": "psirt@adobe.com" | |
| } | |
| ], | |
| "source_identifier": "psirt@adobe.com", | |
| "vuln_status": "Modified", | |
| "cisa_exploit_add": "2022-06-08", | |
| "cisa_action_due": "2022-06-22", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Adobe Acrobat and Reader Universal 3D Memory Corruption Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C", | |
| "base_score": 10.0, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "LOW", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 10.0, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "NVD-CWE-noinfo" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "68D60103-B447-48D2-9B52-81DEA719CEBE", | |
| "version_end_including": "10.1.1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:3.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B1C92642-7C8D-411A-8726-06A8A6483D65" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:3.01:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3CBE2E6C-AF0E-4A77-9EB0-3593889BC676" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:3.02:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4B5C5C14-383C-4630-858E-D40D6C32FD4B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F509566A-6D4A-40C0-8A16-F8765C5DCAAF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "707D7124-6063-4510-80B4-AD9675996F67" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0.5a:*:*:*:*:*:*:*", | |
| "match_criteria_id": "200FFAE3-CC1C-4A11-99AD-377D54A67195" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0.5c:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8A990E86-07C0-49E2-92D6-55E499F30FAE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6AED985D-60D7-489E-9F1E-CE3C9D985B7A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5F0FCA2F-FD7F-4CE5-9D45-324A7EC45105" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "EF7EAA22-CED2-4379-9465-9562BACB1C20" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "35B1CA6B-600C-4E03-B4D5-3D7E1BC4D0F9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F7AA1BA3-9FFA-46AB-A92A-7247D5F7EA06" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.9:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3F5F7424-1E19-4078-8908-CD86A0185042" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F2402B40-6B72-48B5-A376-DA8D16CA43FA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.11:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0D968113-340A-4E5A-B4FD-D9702D49E3DC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "ACF742B8-5F7A-487B-835C-756B1BB392F4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C0BB7C0C-B1D6-4733-BA91-022A1A7FB2E2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0B131DB8-4B6A-4AF2-8D5E-B5EA1AEBFB3B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5B9351C2-16ED-4766-B417-8DB3A8766C2F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "74667860-0047-40AD-9468-860591BA9D17" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5DEA092A-5532-4DCC-B43D-7A8ECF07FA4C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9628AFF9-6EE1-4E85-858F-AE96EE64B7F4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6E2D0266-6954-4DBA-9EEE-8BF73B39DD61" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "24262AFA-2EC8-479E-8922-36DB4243E404" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F1E62096-08B2-4722-A492-11E9A441E85B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C5370AC6-90EE-48EA-8DBD-54002B102F7C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C36D10A8-D211-437D-98D8-9029D0A9CF8B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BA55D00C-3629-48E4-8699-F62B8D703E02" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0EE5E1B7-7B91-4AE1-92AA-4F1763E1BA1E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "623324C2-C8B5-4C3C-9C10-9677D5A6740A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.8:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B8EAF5E3-F3B4-4AD3-B5F1-281AB0F9C57F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.9:*:*:*:*:*:*:*", | |
| "match_criteria_id": "634396D6-4ED6-4F4D-9458-396373489589" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.1.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9A265869-EF58-428E-B8BB-30CABCBE0A83" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "996EB48E-D2A8-49E4-915A-EBDE26A9FB94" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "97E20936-EE31-4CEB-A710-3165A28BAD69" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5BD9952C-A1D0-4DFB-A292-9B86D7EAE5FD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C5BEA847-A71E-4336-AB67-B3C38847C1C3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "39F6994B-6969-485B-9286-2592B11A47BF" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FC533775-B52E-43F0-BF19-1473BE36232D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "18D1C85E-42CC-46F2-A7B6-DAC3C3995330" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C4670451-511E-496C-A78A-887366E1E992" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1A2A4F62-7AB5-4134-9A65-4B4E1EA262A3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "35994F76-CD13-4301-9134-FC0CBEA37D97" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0FB61191-F955-4DE6-A86B-36E031DE1F99" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E32D68D5-6A79-454B-B14F-9BC865413E3B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2A57581C-A139-41C3-B9DB-0C4CFA7A1BB2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F234ECA6-375B-493B-A659-F013DAEE5B29" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "562772F1-1627-438E-A6B8-7D1AA5536086" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "27D5AF92-A8E1-41BD-B20A-EB26BB6AD4DE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F25C9167-C6D4-4264-9197-50878EDA2D96" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DD1D7308-09E9-42B2-8836-DC2326C62A9E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B5C251D2-4C9B-4029-8BED-0FCAED3B8E89" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2432AC17-5378-4C61-A775-5172FD44EC03" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B6BA82F4-470D-4A46-89B2-D2F3C8FA31C8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BCCA5699-BBF7-4112-B1E9-612A1CB260F6" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "39EDED39-664F-4B68-B422-2CCCA3B83550" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B508C5CE-1386-47B3-B301-B78DBB3A75D9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DDC2EEB6-D5EC-430F-962A-1279C9970441" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8DC590C7-5BDE-4E46-9605-01E95B17F01F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DCFE67F4-6907-4967-96A3-1757EADA72BB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "41DFBB39-4BC6-48BB-B66E-99DA4C7DBCE4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A328CC7F-5D02-4C7C-82CE-139EB2689C18" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0F56EC75-4C65-4CD7-981D-823E1411CD6F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1E2D30C1-BDE8-4C1C-A8B3-A635A74E5D94" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9731EFE2-A5BE-4389-A92D-DDC573633B6C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:10.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F9B4B357-27C7-4926-936C-A100A7AD538B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:10.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4DEE3D3B-C94C-4A85-B2C2-E4A72A88F4FD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:10.0.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "978027C8-4DF6-4C18-A31D-1ACFBA857E9F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:10.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "366E85EF-ED5F-4D4D-9CBE-E69F7248CB2B" | |
| } | |
| ], | |
| "negate": false | |
| }, | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574" | |
| }, | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ], | |
| "operator": "AND" | |
| }, | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "56561144-6E0A-4C92-8E12-904EF8991E6D", | |
| "version_end_including": "10.1" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:3.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "465F9134-DD86-4F13-8C39-949BE6E7389A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:3.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BB041EDF-EFF8-4AA6-8D59-411975547534" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:4.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4C05F6A5-0FB3-489B-9B8B-64C569C03D7A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:4.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "AABA4FE3-662B-4956-904D-45086E000890" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:4.0.5a:*:*:*:*:*:*:*", | |
| "match_criteria_id": "998CD79C-458E-46A8-8261-1C40C53D9FA5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:4.0.5c:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0155FB0B-7FAD-4388-96C8-A8543B4FDFD9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:5.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "201F059D-33D1-4D9F-9C6F-FC8EB49E4735" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:5.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B025E795-5713-485E-8A15-EBE4451A1A46" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:5.0.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B453FA1D-0FE9-4324-9644-E167561926C2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:5.0.10:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FDEA946E-B6D2-463B-89D0-F2F37278089E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "183B5940-2310-4D2E-99F0-9792A801A442" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4F8BB13E-2732-4F9E-A588-EA1C00893C8B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E5FCDCBF-597B-439C-8D8B-2819FC70C567" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "440B890A-90E9-4456-B92A-856CD17F0C78" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "79BD9D8D-39DA-403E-915D-E1B6A46A6BAB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8976A7DC-1314-4C4A-A7C5-AA789D2DAB9C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:6.0.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "37854E7C-2166-48D7-AE8C-44C9468C38C7" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0BCC8097-2B97-424F-BA92-23D9FFD28E80" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "FECFC942-4F04-420C-A9B4-AE0C0590317F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F81817F2-1E3A-4A52-88F1-6B614A2A1F0A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CFFFFF0D-A80F-4B67-BEE2-86868EF7AA37" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1DC97A87-2652-4AD6-8E10-419A9AC9C245" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3E1F71AE-3591-499E-B09F-AAC4E38F1CF2" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2D75174C-EBF9-4117-9E66-80E847012853" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "69B0305A-51D3-4E09-B96C-54B0ED921DA3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9762FE57-837B-4FFA-9813-AC038450EB2B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.8:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0055A38C-E421-40A1-8BC7-11856A20B8F0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.0.9:*:*:*:*:*:*:*", | |
| "match_criteria_id": "758CC9EE-8929-405B-A845-83BAAECCB2AD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.1.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "24A7CF98-27EC-406A-98E2-ACC1AAAF5C93" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BC1BD70D-7A92-4309-A40C-9BD500997390" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F9C17896-8895-4731-B77A-F488A94F0CBD" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.1.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "21AC1961-12F7-456F-9CE4-9AAF116CF141" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:7.1.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DF9F1050-B6BE-4B99-882B-36D6E187304D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4AEF32A2-8118-4557-B47F-4DB57F382814" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "26AE76F7-D7F6-4AF2-A5C6-708B5642C288" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "749FFB51-65D4-4A4B-95F3-742440276897" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C8665E53-EC1E-4B95-9064-2565BC12113E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "24218FDA-F9DA-465A-B5D5-76A55C7EE04E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E2C5F1C5-85CD-47B9-897F-E51D6902AF72" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E0E190FF-3EBC-44AB-8072-4D964E843E8A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6A624D44-C135-4ED3-9BA4-F4F8A044850B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B95C0A99-42E4-40A9-BF61-507E4E4DC052" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*", | |
| "match_criteria_id": "3B9F55CC-3681-4A67-99D1-3F40447392D5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A9C0AC89-804B-44A1-929A-118993B6BAA7" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "39B174C3-1BA6-4654-BFA4-CC126454E147" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "6ACDAA2B-3977-4590-9F16-5DDB6FF6545B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.2.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "BB7C4E07-0909-4114-BBFB-92626AFC49BB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:8.2.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7832B75B-7868-44DE-A9A4-CBD9CC117DB4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9:*:*:*:*:*:*:*", | |
| "match_criteria_id": "37AF9870-B9F0-42D2-B2D1-4A7E569A4C73" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5AA53564-9ACD-4CFB-9AAC-A77440026A57" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C7EC46E3-77B7-4455-B3E0-A45C6B69B3DC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4F475858-DCE2-4C93-A51A-04718DF17593" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "88687272-4CD0-42A2-B727-C322ABDE3549" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1E5C4FA4-3786-47AF-BD7D-8E75927EB3AA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B35CC915-EEE3-4E86-9E09-1893C725E07B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "76201694-E5C5-4CA3-8919-46937AFDAAE3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "397AB988-1C2C-4247-9B34-806094197CB5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8FA0B8C3-8060-4685-A241-9852BD63B7A0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4AB9BBDE-634A-47CF-BA49-67382B547900" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F56B1726-4F05-4732-9D8B-077EF593EAEC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A258374F-55CB-48D2-9094-CD70E1288F60" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.4.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "627B0DA4-E600-49F1-B455-B4E151B33236" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.4.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "54BD8F96-BB75-4961-B1E0-049F2273100D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.4.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9C14B310-65F0-475D-A2DD-0AD706805A99" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.4.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "356A0FAF-A25C-4D11-A70F-94B311B5778E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B57C5136-7853-478B-A342-6013528B41B4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:10.0.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CC1E1EE7-379E-4047-962D-0A311EB0DB1A" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:10.0.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C113D6BE-88CD-4670-A0FA-8E78EBAF9A81" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:10.0.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "E4FC7DF0-7006-4805-9CA3-9A950DAA8D51" | |
| } | |
| ], | |
| "negate": false | |
| }, | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574" | |
| }, | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ], | |
| "operator": "AND" | |
| }, | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5AA53564-9ACD-4CFB-9AAC-A77440026A57" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "C7EC46E3-77B7-4455-B3E0-A45C6B69B3DC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4F475858-DCE2-4C93-A51A-04718DF17593" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "88687272-4CD0-42A2-B727-C322ABDE3549" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1E5C4FA4-3786-47AF-BD7D-8E75927EB3AA" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B35CC915-EEE3-4E86-9E09-1893C725E07B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "76201694-E5C5-4CA3-8919-46937AFDAAE3" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "397AB988-1C2C-4247-9B34-806094197CB5" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8FA0B8C3-8060-4685-A241-9852BD63B7A0" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4AB9BBDE-634A-47CF-BA49-67382B547900" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F56B1726-4F05-4732-9D8B-077EF593EAEC" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A258374F-55CB-48D2-9094-CD70E1288F60" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.4.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "627B0DA4-E600-49F1-B455-B4E151B33236" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.4.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "54BD8F96-BB75-4961-B1E0-049F2273100D" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.4.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "9C14B310-65F0-475D-A2DD-0AD706805A99" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.4.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "356A0FAF-A25C-4D11-A70F-94B311B5778E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.4.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "958768B5-ABA3-4843-986D-499AD480832B" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat:9.4.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0335CEAA-ED55-46AA-98D9-693733CDA68C" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*", | |
| "match_criteria_id": "562772F1-1627-438E-A6B8-7D1AA5536086" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "27D5AF92-A8E1-41BD-B20A-EB26BB6AD4DE" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F25C9167-C6D4-4264-9197-50878EDA2D96" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DD1D7308-09E9-42B2-8836-DC2326C62A9E" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B5C251D2-4C9B-4029-8BED-0FCAED3B8E89" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2432AC17-5378-4C61-A775-5172FD44EC03" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B6BA82F4-470D-4A46-89B2-D2F3C8FA31C8" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "39EDED39-664F-4B68-B422-2CCCA3B83550" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "B508C5CE-1386-47B3-B301-B78DBB3A75D9" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DDC2EEB6-D5EC-430F-962A-1279C9970441" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "8DC590C7-5BDE-4E46-9605-01E95B17F01F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "DCFE67F4-6907-4967-96A3-1757EADA72BB" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4.1:*:*:*:*:*:*:*", | |
| "match_criteria_id": "41DFBB39-4BC6-48BB-B66E-99DA4C7DBCE4" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4.2:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A328CC7F-5D02-4C7C-82CE-139EB2689C18" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4.3:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0F56EC75-4C65-4CD7-981D-823E1411CD6F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4.4:*:*:*:*:*:*:*", | |
| "match_criteria_id": "1E2D30C1-BDE8-4C1C-A8B3-A635A74E5D94" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4.5:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CB6F49FE-2332-4CAF-A11D-CDE46A71447F" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4.6:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5D0D8BBD-F727-4957-8128-10A4C456FBD0" | |
| } | |
| ], | |
| "negate": false | |
| }, | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574" | |
| }, | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256" | |
| }, | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "F7A7C398-5356-45D6-AA5C-53E63BC88DCA" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ], | |
| "operator": "AND" | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2011-4723", | |
| "published": "2011-12-20T11:55:08.413000", | |
| "last_modified": "2023-04-26T18:55:30.893000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information via unspecified vectors." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "El router D-Link DIR-300 almacena contrase\u00f1as en texto plano, lo que permite a atacantes locales o remotos obtener informaci\u00f3n sensible a trav\u00e9s de vectores desconocidos." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://en.securitylab.ru/lab/PT-2011-30", | |
| "source": "cve@mitre.org" | |
| } | |
| ], | |
| "source_identifier": "cve@mitre.org", | |
| "vuln_status": "Analyzed", | |
| "cisa_exploit_add": "2022-09-08", | |
| "cisa_action_due": "2022-09-29", | |
| "cisa_required_action": "The impacted product is end-of-life and should be disconnected if still in use.", | |
| "cisa_vulnerability_name": "D-Link DIR-300 Router Cleartext Storage of a Password Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:L/Au:S/C:C/I:N/A:N", | |
| "base_score": 6.8, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "LOW", | |
| "authentication": "SINGLE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "NONE", | |
| "availability_impact": "NONE" | |
| }, | |
| "base_severity": "MEDIUM", | |
| "exploitability_score": 8.0, | |
| "impact_score": 6.9, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-310" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:h:dlink:dir-300:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "46716C2A-12B7-414A-A1A2-CB49FCBDE8AE" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2012-0391", | |
| "published": "2012-01-08T15:55:01.217000", | |
| "last_modified": "2018-11-23T14:36:02.613000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "El componente ExceptionDelegator en Apache Struts antes de v2.2.3.1 interpreta los valores de los par\u00e1metros como expresiones OGNL durante el manejo de determinadas excepciones en tipos de datos de propiedades no coincidentes, lo que permite a atacantes remotos ejecutar c\u00f3digo Java a trav\u00e9s de un par\u00e1metro especificamente modificado para tal fin." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://archives.neohapsis.com/archives/bugtraq/2012-01/0031.html", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Exploit" | |
| ] | |
| }, | |
| { | |
| "url": "http://struts.apache.org/2.x/docs/s2-008.html", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://struts.apache.org/2.x/docs/version-notes-2311.html", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.exploit-db.com/exploits/18329", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Exploit" | |
| ] | |
| }, | |
| { | |
| "url": "https://issues.apache.org/jira/browse/WW-3668", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "https://www.sec-consult.com/files/20120104-0_Apache_Struts2_Multiple_Critical_Vulnerabilities.txt", | |
| "source": "cve@mitre.org", | |
| "tags": [ | |
| "Exploit" | |
| ] | |
| } | |
| ], | |
| "source_identifier": "cve@mitre.org", | |
| "vuln_status": "Analyzed", | |
| "cisa_exploit_add": "2022-01-21", | |
| "cisa_action_due": "2022-07-21", | |
| "cisa_required_action": "Apply updates per vendor instructions.", | |
| "cisa_vulnerability_name": "Apache Struts 2 Improper Input Validation Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C", | |
| "base_score": 9.3, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "MEDIUM", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 8.6, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": false | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-20" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "03A3B36D-229B-41BB-B201-CEB4464511EE", | |
| "version_start_including": "2.0.0", | |
| "version_end_excluding": "2.2.3.1" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "cve": { | |
| "id": "CVE-2012-0754", | |
| "published": "2012-02-16T19:55:01.130000", | |
| "last_modified": "2023-01-30T18:00:45.523000", | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "Adobe Flash Player antes de v10.3.183.15 y v11.x antes de v11.1.102.62 en Windows, Mac OS X, Linux y Solaris, y antes de v11.1.111.6 en Android v2.x y v3.x, y antes de v11.1.115.6 en Android v4.x permite a los atacantes ejecutar c\u00f3digo de su elecci\u00f3n o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados." | |
| } | |
| ], | |
| "references": [ | |
| { | |
| "url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00014.html", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Broken Link" | |
| ] | |
| }, | |
| { | |
| "url": "http://rhn.redhat.com/errata/RHSA-2012-0144.html", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Third Party Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://secunia.com/advisories/48265", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Broken Link" | |
| ] | |
| }, | |
| { | |
| "url": "http://security.gentoo.org/glsa/glsa-201204-07.xml", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Third Party Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "http://www.adobe.com/support/security/bulletins/apsb12-03.html", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Broken Link", | |
| "Patch", | |
| "Vendor Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15030", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Third Party Advisory" | |
| ] | |
| }, | |
| { | |
| "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15973", | |
| "source": "psirt@adobe.com", | |
| "tags": [ | |
| "Third Party Advisory" | |
| ] | |
| } | |
| ], | |
| "source_identifier": "psirt@adobe.com", | |
| "vuln_status": "Analyzed", | |
| "cisa_exploit_add": "2022-06-08", | |
| "cisa_action_due": "2022-06-22", | |
| "cisa_required_action": "The impacted product is end-of-life and should be disconnected if still in use.", | |
| "cisa_vulnerability_name": "Adobe Flash Player Memory Corruption Vulnerability", | |
| "metrics": { | |
| "cvss_metric_v2": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "cvss_data": { | |
| "version": "2.0", | |
| "vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C", | |
| "base_score": 9.3, | |
| "access_vector": "NETWORK", | |
| "access_complexity": "MEDIUM", | |
| "authentication": "NONE", | |
| "confidentiality_impact": "COMPLETE", | |
| "integrity_impact": "COMPLETE", | |
| "availability_impact": "COMPLETE" | |
| }, | |
| "base_severity": "HIGH", | |
| "exploitability_score": 8.6, | |
| "impact_score": 10.0, | |
| "ac_insuf_info": false, | |
| "obtain_all_privilege": false, | |
| "obtain_user_privilege": false, | |
| "obtain_other_privilege": false, | |
| "user_interaction_required": true | |
| } | |
| ] | |
| }, | |
| "weaknesses": [ | |
| { | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "CWE-787" | |
| } | |
| ] | |
| } | |
| ], | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "CEAE5A28-12B7-40FF-A76D-A105BCF477FE", | |
| "version_end_excluding": "10.3.183.15" | |
| }, | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "7F17F0EC-55D8-4EC8-99B3-7E0F01A207E6", | |
| "version_start_including": "11.0", | |
| "version_end_excluding": "11.1.102.62" | |
| } | |
| ], | |
| "negate": false | |
| }, | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", | |
| "match_criteria_id": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD" | |
| }, | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", | |
| "match_criteria_id": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" | |
| }, | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", | |
| "match_criteria_id": "A2572D17-1DE6-457B-99CC-64AFD54487EA" | |
| }, | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:-:*", | |
| "match_criteria_id": "F5027746-8216-452D-83C5-2F8E9546F2A5" | |
| } | |
| ], | |
| "negate": false | |
| } | |
| ], | |
| "operator": "AND" | |
| }, | |
| { | |
| "nodes": [ | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": true, | |
| "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "5C53FEAC-FCCE-4B1F-8487-DA8BC5E26B9A", | |
| "version_end_excluding": "11.1.111.6" | |
| } | |
| ], | |
| "negate": false | |
| }, | |
| { | |
| "operator": "OR", | |
| "cpe_match": [ | |
| { | |
| "vulnerable": false, | |
| "criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", | |
| "match_criteria_id": "82EF984A-D3B9-4648-BC39-A565D8F94144", | |
| "version_start_including": "2.0", | |
| "version_end_including": "3.2" | |
| } | |
| ], | |
| "negate": false | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment