{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"MySQL AB MySQL versions 5.0.4 et ant\u00e9rieures ;","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"MySQL AB MySQL versions 4.0.24 et ant\u00e9rieures.","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"MySQL AB MySQL versions 4.1.5 et ant\u00e9rieures ;","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nUne erreur dans la gestion des fonctions utilisateur permet \u00e0 un\nutilisateur local mal intentionn\u00e9 d'ex\u00e9cuter du code arbitraire par le\nbiais d'une fonction utilisateur malicieusement construite.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 des \u00e9diteurs pour appliquer le\ncorrectif appropri\u00e9 (cf. Documentation).\n","cves":[],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Suse :","url":"http://lists.suse.com/archive/suse-security-announce/2005-Sep/0012.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Debian DSA-833 du 01 octobre 2005 :","url":"http://www.debian.org/security/2005/dsa-833"},{"title":"Bulletin de s\u00e9curit\u00e9 Ubuntu USN-180-1 :","url":"http://www.ubuntu.com/usn/usn-180-1"},{"title":"Bulletin de s\u00e9curit\u00e9 Debian DSA-829 du 30 septembre 2005 :","url":"http://www.debian.org/security/2005/dsa-829"},{"title":"Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2005:163 :","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:163"},{"title":"Site de MySQL AB :","url":"http://www.mysql.com"}],"reference":"CERTA-2005-AVI-353","revisions":[{"description":"version initiale.","revision_date":"2005-09-19T00:00:00.000000"},{"description":"ajout des r\u00e9f\u00e9rences aux Bulletins de s\u00e9curit\u00e9 Debian et Suse.","revision_date":"2005-10-03T00:00:00.000000"},{"description":"ajout de la r\u00e9f\u00e9rence au Bulletin de s\u00e9curit\u00e9 Debian DSA-833.","revision_date":"2005-10-10T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire"}],"summary":"Une vuln\u00e9rabilit\u00e9 dans MySQL permet \u00e0 un utilisateur local d'ex\u00e9cuter du\ncode arbitraire.\n","title":"Vuln\u00e9rabilit\u00e9 dans MySQL","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2005-163","url":null}]}