{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Microsoft Visio 2002.","product":{"name":"Office","vendor":{"name":"Microsoft","scada":false}}},{"description":"Toutes versions de la suite Microsoft Office, \u00e0 l'exception de Microsoft Office 2007 ;","product":{"name":"Office","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Project versions 2000 et 2002 ;","product":{"name":"Office","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Works Suite versions 2004, 2005 et 2006 ;","product":{"name":"Office","vendor":{"name":"Microsoft","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nDe nombreuses vuln\u00e9rabilit\u00e9s, dont certaines ayant d\u00e9j\u00e0 fait l'objet\nd'une alerte du CERTA (CERTA-2006-ALE-014, CERTA-2007-ALE-004), touchent\nles produits bureautiques de Microsoft. L'exploitation de ces\nvuln\u00e9rabilit\u00e9s peut \u00eatre conduit depuis le syst\u00e8me vuln\u00e9rable et/ou \u00e0\ndistance, et permet l'ex\u00e9ction de code arbitraire. Cette ex\u00e9cution de\ncode peut conduire \u00e0 l'obtention du contr\u00f4le total de la machine\nvuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2007-0671","url":"https://www.cve.org/CVERecord?id=CVE-2007-0671"},{"name":"CVE-2006-3877","url":"https://www.cve.org/CVERecord?id=CVE-2006-3877"},{"name":"CVE-2006-5994","url":"https://www.cve.org/CVERecord?id=CVE-2006-5994"},{"name":"CVE-2006-6456","url":"https://www.cve.org/CVERecord?id=CVE-2006-6456"},{"name":"CVE-2007-0208","url":"https://www.cve.org/CVERecord?id=CVE-2007-0208"},{"name":"CVE-2007-0209","url":"https://www.cve.org/CVERecord?id=CVE-2007-0209"},{"name":"CVE-2006-6561","url":"https://www.cve.org/CVERecord?id=CVE-2006-6561"},{"name":"CVE-2007-0515","url":"https://www.cve.org/CVERecord?id=CVE-2007-0515"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft MS07-015 du 13 f\u00e9vrier 2007    :","url":"http://www.microsoft.com/technet/security/Bulletin/MS07-015.mspx"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft MS07-014 du 13 f\u00e9vrier 2007    :","url":"http://www.microsoft.com/technet/security/Bulletin/MS07-014.mspx"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft MS07-015 du 13 f\u00e9vrier 2007    :","url":"http://www.microsoft.com/france/technet/security/bulletin/MS07-015.mspx"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft MS07-014 du 13 f\u00e9vrier 2007    :","url":"http://www.microsoft.com/france/technet/security/bulletin/MS07-014.mspx"}],"reference":"CERTA-2007-AVI-083","revisions":[{"description":"version initiale.","revision_date":"2007-02-14T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s touchent les suites bureautique de\nMicrosoft. L'exploitation de ces vuln\u00e9rabilit\u00e9s peut conduire \u00e0\nl'ex\u00e9cution de code arbitraire \u00e0 distance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s de Microsoft Office","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 MS07-014 de Microsoft du 13 f\u00e9vrier 2007","url":null},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 MS07-015 de Microsoft du 13 f\u00e9vrier 2007","url":null}]}