Search criteria
12 vulnerabilities found for filemaker_pro by filemaker
FKIE_CVE-2014-5322
Vulnerability from fkie_nvd - Published: 2014-09-22 01:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before 13 and Pro Advanced before 13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-3640.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| filemaker | filemaker_pro | * | |
| filemaker | filemaker_pro_advanced | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCE7435-075A-431D-9ADB-7D34AF5CD7D9",
"versionEndIncluding": "12.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:*:*:*:*:*:*:*:*",
"matchCriteriaId": "220982EA-BFEF-4D14-8B4F-E0B36822B2F2",
"versionEndIncluding": "12.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before 13 and Pro Advanced before 13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-3640."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en la funci\u00f3n Instant Web Publish en FileMaker Pro anterior a 13 y Pro Advanced anterior a 13 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de vectores no especificados. Nota: Esta vulnerabilidad existe debido a una soluci\u00f3n incorrecta para CVE-2013-3640."
}
],
"id": "CVE-2014-5322",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-09-22T01:55:06.463",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN53579095/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000113"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.securityfocus.com/bid/69987"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.securitytracker.com/id/1030880"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN53579095/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/69987"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030880"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-5321
Vulnerability from fkie_nvd - Published: 2014-09-22 01:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
FileMaker Pro before 13 and Pro Advanced before 13 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2319.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| filemaker | filemaker_pro | * | |
| filemaker | filemaker_pro_advanced | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCE7435-075A-431D-9ADB-7D34AF5CD7D9",
"versionEndIncluding": "12.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:*:*:*:*:*:*:*:*",
"matchCriteriaId": "220982EA-BFEF-4D14-8B4F-E0B36822B2F2",
"versionEndIncluding": "12.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FileMaker Pro before 13 and Pro Advanced before 13 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2319."
},
{
"lang": "es",
"value": "FileMaker Pro anterior a 13 y Pro Advanced anterior a 13 no verifica los certificados X.509 de los servidores SSL, lo que permite a atacantes man-in-the-middle falsificar servidores y obtener informaci\u00f3n sensible a trav\u00e9s de un certificado manipulado. NOTA: esta vulnerabilidad se debe a una soluci\u00f3n incorrecta para CVE-2013-2319."
}
],
"id": "CVE-2014-5321",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-09-22T01:55:05.357",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN85812843/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN85812843/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000114"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-3640
Vulnerability from fkie_nvd - Published: 2013-06-10 17:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before 12 and Pro Advanced before 12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91AC63CB-912D-4467-84FA-F714414EC41D",
"versionEndIncluding": "11.0.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "08C630C3-2A21-41C7-A9B8-551486884008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:8.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C492D6-1753-4496-AD46-205841303FC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:8.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C53E635A-B584-4016-981F-4BF683C1DA90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:8.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EDA105-E45D-46E6-ACD1-57B2E0A5623C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:8.5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE05182-020F-4828-A5C3-DB92CC61EAD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:8.5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "39E54415-A86C-4B83-90E2-1B6DF1B7B864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:9.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "01EF4EA6-DAAD-44AD-AA8A-51A144AB4B47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:9.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E27D0FF-5BBD-4DBB-9A6B-DA8F7816E82F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:9.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E01567D9-12B5-4206-A9C3-0295F859DB46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:9.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "94FB04BC-2E73-4251-9C0A-B22EFE02696D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:10.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A872A5F-FE0F-4434-B288-6310FC43DC53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:10.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C43EE86-4216-463F-9C92-4C8DF55D963D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:10.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4CA5927-46BF-41C3-A055-A2DAAD08D4B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:11.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C101770-C088-4245-BBF1-FF8017530A30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:11.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "778A5E6D-325C-429D-995A-A2332F297DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:11.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB291F8F-1B20-45B9-B497-2A8BAB503C17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:11.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6438200C-F6E5-49C1-BB47-CBDEDED7C987",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6225AC8-0583-4DB8-939F-9DDC1CADDFCE",
"versionEndIncluding": "11.0.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C5403EB1-B11A-4615-B156-9F4AAD2794D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:8.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B65A8BC-6910-47E2-BF0D-A56E404354D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:8.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "409837BA-096F-43D6-9F22-98F374FBEFF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:8.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5CBEEA6C-B2F6-4392-A308-789006DBCB73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:8.5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78651EB1-69B0-4812-99A2-0A7D569EB371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:8.5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F339DF60-3316-44FB-834B-1C5924A96704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:9.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10A807EE-E137-47C5-B550-50A7DF2095DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:9.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F106C5-CBD6-47D5-82A8-D9B0341A9F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:9.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "835C0189-F2E1-43D5-BFFB-928E8F880487",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:9.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDF45D0B-6793-4A05-9B36-9AABFC646085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:10.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7DDE58D0-D83A-43B0-8921-A7FEB5D9ACCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:10.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2502F90F-C8DB-44CE-963D-CAD9CEA54C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:10.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA284490-ED86-429A-A55A-9808A33130A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:11.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C772A131-6BE9-4D8E-B531-1A31E072F055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:11.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ADDB39-ACBF-46A8-9EBC-36BACD85A7FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:11.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BE5B13-5EE7-451A-BB61-4091A46D94CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:11.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A2445B8-7761-4032-96C3-4A2A08AA1168",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before 12 and Pro Advanced before 12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad Cross-site scripting (XSS) en la funci\u00f3n Instant Web Publish en FileMaker Pro anterior a v12 y Pro Advanced anterior a v12 permite a atacantes remotos a inyectar secuencias de comandos Web o HTML a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2013-3640",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-06-10T17:55:01.583",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN53579095/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000049"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN53579095/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000049"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-2319
Vulnerability from fkie_nvd - Published: 2013-06-10 17:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91AC63CB-912D-4467-84FA-F714414EC41D",
"versionEndIncluding": "11.0.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "08C630C3-2A21-41C7-A9B8-551486884008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:8.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C492D6-1753-4496-AD46-205841303FC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:8.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C53E635A-B584-4016-981F-4BF683C1DA90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:8.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EDA105-E45D-46E6-ACD1-57B2E0A5623C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:8.5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE05182-020F-4828-A5C3-DB92CC61EAD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:8.5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "39E54415-A86C-4B83-90E2-1B6DF1B7B864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:9.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "01EF4EA6-DAAD-44AD-AA8A-51A144AB4B47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:9.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E27D0FF-5BBD-4DBB-9A6B-DA8F7816E82F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:9.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E01567D9-12B5-4206-A9C3-0295F859DB46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:9.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "94FB04BC-2E73-4251-9C0A-B22EFE02696D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:10.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A872A5F-FE0F-4434-B288-6310FC43DC53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:10.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C43EE86-4216-463F-9C92-4C8DF55D963D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:10.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4CA5927-46BF-41C3-A055-A2DAAD08D4B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:11.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C101770-C088-4245-BBF1-FF8017530A30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:11.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "778A5E6D-325C-429D-995A-A2332F297DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:11.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB291F8F-1B20-45B9-B497-2A8BAB503C17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro:11.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6438200C-F6E5-49C1-BB47-CBDEDED7C987",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6225AC8-0583-4DB8-939F-9DDC1CADDFCE",
"versionEndIncluding": "11.0.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C5403EB1-B11A-4615-B156-9F4AAD2794D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:8.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B65A8BC-6910-47E2-BF0D-A56E404354D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:8.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "409837BA-096F-43D6-9F22-98F374FBEFF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:8.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5CBEEA6C-B2F6-4392-A308-789006DBCB73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:8.5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78651EB1-69B0-4812-99A2-0A7D569EB371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:8.5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F339DF60-3316-44FB-834B-1C5924A96704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:9.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10A807EE-E137-47C5-B550-50A7DF2095DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:9.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F106C5-CBD6-47D5-82A8-D9B0341A9F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:9.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "835C0189-F2E1-43D5-BFFB-928E8F880487",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:9.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDF45D0B-6793-4A05-9B36-9AABFC646085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:10.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7DDE58D0-D83A-43B0-8921-A7FEB5D9ACCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:10.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2502F90F-C8DB-44CE-963D-CAD9CEA54C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:10.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA284490-ED86-429A-A55A-9808A33130A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:11.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C772A131-6BE9-4D8E-B531-1A31E072F055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:11.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ADDB39-ACBF-46A8-9EBC-36BACD85A7FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:11.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BE5B13-5EE7-451A-BB61-4091A46D94CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:filemaker:filemaker_pro_advanced:11.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A2445B8-7761-4032-96C3-4A2A08AA1168",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
},
{
"lang": "es",
"value": "FileMaker Pro anterior a v12 y Pro Advanced anterior a v12 no verifica los certificados X.509 de los servidores SSL, los que permitir\u00eda ataques hombre en medio (man-in-the-middle) para espiar servidores y obtener informaci\u00f3n sensible a trav\u00e9s de un certificado manipulado."
}
],
"id": "CVE-2013-2319",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-06-10T17:55:01.563",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN85812843/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000048"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN85812843/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000048"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2014-5321 (GCVE-0-2014-5321)
Vulnerability from cvelistv5 – Published: 2014-09-22 01:00 – Updated: 2024-08-06 11:41
VLAI?
Summary
FileMaker Pro before 13 and Pro Advanced before 13 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2319.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:41:48.619Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVNDB-2014-000114",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000114"
},
{
"name": "JVN#85812843",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN85812843/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FileMaker Pro before 13 and Pro Advanced before 13 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2319."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-09-22T01:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVNDB-2014-000114",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000114"
},
{
"name": "JVN#85812843",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN85812843/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2014-5321",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FileMaker Pro before 13 and Pro Advanced before 13 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2319."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2014-000114",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000114"
},
{
"name": "JVN#85812843",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN85812843/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2014-5321",
"datePublished": "2014-09-22T01:00:00",
"dateReserved": "2014-08-18T00:00:00",
"dateUpdated": "2024-08-06T11:41:48.619Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-5322 (GCVE-0-2014-5322)
Vulnerability from cvelistv5 – Published: 2014-09-22 01:00 – Updated: 2024-08-06 11:41
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before 13 and Pro Advanced before 13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-3640.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:41:48.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1030880",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030880"
},
{
"name": "JVN#53579095",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN53579095/index.html"
},
{
"name": "69987",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/69987"
},
{
"name": "JVNDB-2014-000113",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000113"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before 13 and Pro Advanced before 13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-3640."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-29T18:57:00",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "1030880",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030880"
},
{
"name": "JVN#53579095",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN53579095/index.html"
},
{
"name": "69987",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/69987"
},
{
"name": "JVNDB-2014-000113",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000113"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2014-5322",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before 13 and Pro Advanced before 13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-3640."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1030880",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030880"
},
{
"name": "JVN#53579095",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN53579095/index.html"
},
{
"name": "69987",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69987"
},
{
"name": "JVNDB-2014-000113",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000113"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2014-5322",
"datePublished": "2014-09-22T01:00:00",
"dateReserved": "2014-08-18T00:00:00",
"dateUpdated": "2024-08-06T11:41:48.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3640 (GCVE-0-2013-3640)
Vulnerability from cvelistv5 – Published: 2013-06-10 17:00 – Updated: 2024-09-16 23:30
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before 12 and Pro Advanced before 12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:56.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#53579095",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN53579095/index.html"
},
{
"name": "JVNDB-2013-000049",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before 12 and Pro Advanced before 12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-06-10T17:00:00Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#53579095",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN53579095/index.html"
},
{
"name": "JVNDB-2013-000049",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000049"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2013-3640",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before 12 and Pro Advanced before 12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#53579095",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN53579095/index.html"
},
{
"name": "JVNDB-2013-000049",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000049"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2013-3640",
"datePublished": "2013-06-10T17:00:00Z",
"dateReserved": "2013-05-22T00:00:00Z",
"dateUpdated": "2024-09-16T23:30:42.781Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2319 (GCVE-0-2013-2319)
Vulnerability from cvelistv5 – Published: 2013-06-10 17:00 – Updated: 2024-09-17 03:37
VLAI?
Summary
FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:36:45.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVNDB-2013-000048",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000048"
},
{
"name": "JVN#85812843",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN85812843/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-06-10T17:00:00Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVNDB-2013-000048",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000048"
},
{
"name": "JVN#85812843",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN85812843/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2013-2319",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2013-000048",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000048"
},
{
"name": "JVN#85812843",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN85812843/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2013-2319",
"datePublished": "2013-06-10T17:00:00Z",
"dateReserved": "2013-03-04T00:00:00Z",
"dateUpdated": "2024-09-17T03:37:35.004Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-5321 (GCVE-0-2014-5321)
Vulnerability from nvd – Published: 2014-09-22 01:00 – Updated: 2024-08-06 11:41
VLAI?
Summary
FileMaker Pro before 13 and Pro Advanced before 13 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2319.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:41:48.619Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVNDB-2014-000114",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000114"
},
{
"name": "JVN#85812843",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN85812843/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FileMaker Pro before 13 and Pro Advanced before 13 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2319."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-09-22T01:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVNDB-2014-000114",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000114"
},
{
"name": "JVN#85812843",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN85812843/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2014-5321",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FileMaker Pro before 13 and Pro Advanced before 13 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2319."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2014-000114",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000114"
},
{
"name": "JVN#85812843",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN85812843/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2014-5321",
"datePublished": "2014-09-22T01:00:00",
"dateReserved": "2014-08-18T00:00:00",
"dateUpdated": "2024-08-06T11:41:48.619Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-5322 (GCVE-0-2014-5322)
Vulnerability from nvd – Published: 2014-09-22 01:00 – Updated: 2024-08-06 11:41
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before 13 and Pro Advanced before 13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-3640.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:41:48.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1030880",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030880"
},
{
"name": "JVN#53579095",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN53579095/index.html"
},
{
"name": "69987",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/69987"
},
{
"name": "JVNDB-2014-000113",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000113"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before 13 and Pro Advanced before 13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-3640."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-29T18:57:00",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "1030880",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030880"
},
{
"name": "JVN#53579095",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN53579095/index.html"
},
{
"name": "69987",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/69987"
},
{
"name": "JVNDB-2014-000113",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000113"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2014-5322",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before 13 and Pro Advanced before 13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-3640."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1030880",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030880"
},
{
"name": "JVN#53579095",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN53579095/index.html"
},
{
"name": "69987",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69987"
},
{
"name": "JVNDB-2014-000113",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000113"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2014-5322",
"datePublished": "2014-09-22T01:00:00",
"dateReserved": "2014-08-18T00:00:00",
"dateUpdated": "2024-08-06T11:41:48.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3640 (GCVE-0-2013-3640)
Vulnerability from nvd – Published: 2013-06-10 17:00 – Updated: 2024-09-16 23:30
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before 12 and Pro Advanced before 12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:56.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#53579095",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN53579095/index.html"
},
{
"name": "JVNDB-2013-000049",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before 12 and Pro Advanced before 12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-06-10T17:00:00Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#53579095",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN53579095/index.html"
},
{
"name": "JVNDB-2013-000049",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000049"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2013-3640",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before 12 and Pro Advanced before 12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#53579095",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN53579095/index.html"
},
{
"name": "JVNDB-2013-000049",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000049"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2013-3640",
"datePublished": "2013-06-10T17:00:00Z",
"dateReserved": "2013-05-22T00:00:00Z",
"dateUpdated": "2024-09-16T23:30:42.781Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2319 (GCVE-0-2013-2319)
Vulnerability from nvd – Published: 2013-06-10 17:00 – Updated: 2024-09-17 03:37
VLAI?
Summary
FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:36:45.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVNDB-2013-000048",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000048"
},
{
"name": "JVN#85812843",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN85812843/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-06-10T17:00:00Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVNDB-2013-000048",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000048"
},
{
"name": "JVN#85812843",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN85812843/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2013-2319",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2013-000048",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000048"
},
{
"name": "JVN#85812843",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN85812843/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2013-2319",
"datePublished": "2013-06-10T17:00:00Z",
"dateReserved": "2013-03-04T00:00:00Z",
"dateUpdated": "2024-09-17T03:37:35.004Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}