{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Emacs versions 20.x ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"XEmacs version 21.4 et versions ant\u00e9rieures.","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Emacs version 21.3 et versions ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nUne vuln\u00e9rabilit\u00e9 dans l'utilitaire movemail de Emacs et XEmacs permet \u00e0\nun utilisateur mal intentionn\u00e9, via un serveur POP3 malicieusement\nconstitu\u00e9, d'ex\u00e9cuter du code arbitraire avec les droits de\nl'application Emacs ou XEmacs.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2005:112 du 10 f\u00e9vrier    2005 :","url":"http://rhn.redhat.com/errata/RHSA-2005-112.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Mandrake MDKSA-2005:038 du 15 f\u00e9vrier    2005 :","url":"http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:038"},{"title":"Bulletin de s\u00e9curit\u00e9 Gentoo GLSA 200502-20 du 15 f\u00e9vrier    2005 :","url":"http://www.gentoo.org/security/en/glsa/glsa-200502-20.xml"},{"title":"Mises \u00e0 jour de s\u00e9curit\u00e9 des paquetages NetBSD emacs,    emacs-nox11, emacs20, xemacs, xemacs-nox11 et xemacs-current :","url":"ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/editors/xemacs/README.html"},{"title":"Bulletin de s\u00e9curit\u00e9 FreeBSD pour emacs et xemacs du 14    f\u00e9vrier 2005 :","url":"http://www.vuxml.org/freebsd/"},{"title":"Site Internet de Emacs :","url":"http://www.gnu.org/software/emacs/emacs.html"},{"title":"Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2005:133 du 15 f\u00e9vrier    2005 :","url":"http://rhn.redhat.com/errata/RHSA-2005-133.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Debian DSA-671 du 08 f\u00e9vrier 2005 :","url":"http://www.debian.org/security/2005/dsa-671"},{"title":"Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2005:134 du 10 f\u00e9vrier    2005 :","url":"http://rhn.redhat.com/errata/RHSA-2005-134.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Debian DSA-685 du 17 f\u00e9vrier 2005 :","url":"http://www.debian.org/security/2005/dsa-685"},{"title":"Mises \u00e0 jour de s\u00e9curit\u00e9 des paquetages NetBSD emacs,    emacs-nox11, emacs20, xemacs, xemacs-nox11 et xemacs-current :","url":"ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/editors/emacs/README.html"},{"title":"Bulletin de s\u00e9curit\u00e9 OpenBSD pour emacs et Xemacs du 09    f\u00e9vrier 2005 :","url":"http://www.vuxml.org/openbsd/"},{"title":"Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2005:110 du 15 f\u00e9vrier    2005 :","url":"http://rhn.redhat.com/errata/RHSA-2005-110.html"},{"title":"Site Internet de XEmacs :","url":"http://www.xemacs.org"},{"title":"Mises \u00e0 jour de s\u00e9curit\u00e9 des paquetages NetBSD emacs,    emacs-nox11, emacs20, xemacs, xemacs-nox11 et xemacs-current :","url":"ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/editors/xemacs-current/README.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Debian DSA-670 du 08 f\u00e9vrier 2005 :","url":"http://www.debian.org/security/2005/dsa-670"},{"title":"Mises \u00e0 jour de s\u00e9curit\u00e9 des paquetages NetBSD emacs,    emacs-nox11, emacs20, xemacs, xemacs-nox11 et xemacs-current :","url":"ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/editors/emacs20/README.html"},{"title":"Mises \u00e0 jour de s\u00e9curit\u00e9 des paquetages NetBSD emacs,    emacs-nox11, emacs20, xemacs, xemacs-nox11 et xemacs-current :","url":"ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/editors/xemacs-nox11/README.html"},{"title":"Mises \u00e0 jour de s\u00e9curit\u00e9 des paquetages NetBSD emacs,    emacs-nox11, emacs20, xemacs, xemacs-nox11 et xemacs-current :","url":"ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/editors/emacs-nox11/README.html"}],"reference":"CERTA-2005-AVI-067","revisions":[{"description":"version initiale.","revision_date":"2005-02-11T00:00:00.000000"},{"description":"ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 FreeBSD.","revision_date":"2005-02-14T00:00:00.000000"},{"description":"ajout de la r\u00e9f\u00e9rence aux bulletins de s\u00e9curit\u00e9 Gentoo et Mandrake.","revision_date":"2005-02-16T00:00:00.000000"},{"description":"ajout de la r\u00e9f\u00e9rence aux bulletins de s\u00e9curit\u00e9 RedHat RHSA-2005:110 et RHSA-2005:133.","revision_date":"2005-02-17T00:00:00.000000"},{"description":"ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Debian DSA-685.","revision_date":"2005-02-18T00:00:00.000000"},{"description":"ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 NetBSD.","revision_date":"2005-02-24T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire"}],"summary":null,"title":"Vuln\u00e9rabilit\u00e9 de Emacs et XEmacs","vendor_advisories":[{"published_at":null,"title":"Bulletins de s\u00e9curit\u00e9 Debian DSA-670 et DSA-671","url":null}]}