{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Windows Server 2003 (\u00e9dition x64 et Itanium) Service Pack 1 et Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows XP Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 2000 Service Pack 4 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2003 Service Pack 1 et Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows XP Professionnel \u00e9dition x64 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nLe composant Schannel impl\u00e9mente les protocoles d'authentification SSL\n(Secure Sockets Layer) et TLS (Transport Layer Security. Cette\nvuln\u00e9rabilit\u00e9 qualifi\u00e9e de critique par Microsoft permet \u00e0 une personne\ndistante malintentionn\u00e9e d'ex\u00e9cuter du code arbitraire ou de r\u00e9aliser un\nd\u00e9ni de service par le biais d'une d'une page web sp\u00e9cialement con\u00e7ue.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2007-2218","url":"https://www.cve.org/CVERecord?id=CVE-2007-2218"}],"links":[],"reference":"CERTA-2007-AVI-261","revisions":[{"description":"version initiale.","revision_date":"2007-06-13T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":"Une vuln\u00e9rabilit\u00e9 dans Microsoft Schannel permet l'ex\u00e9cution de code\narbitraire ou d'un d\u00e9ni de service \u00e0 distance.\n","title":"Vuln\u00e9rabilit\u00e9 dans Microsoft Schannel","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Microsoft MS07-031 du 13 juin 2007","url":"http://www.microsoft.com/technet/security/Bulletin/MS07-031.mspx"}]}