{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"VirtualCenter Management Server 2.","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"VMWare ESX Server 2.0.x ;","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"VMWare ESX Server 3.0.x ;","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s existent sur VMWare ESX Server. Celles-ci\nconcernent des modules ou logiciels utilis\u00e9s par le serveur et r\u00e9cemment\nmis \u00e0 jour : OpenPegasus, Tomcat, Samba, OpenSSL, JRE, util-linux, et\nPerl. Certaines de ces failles permettent notamment \u00e0 une personne\nmalintentionn\u00e9e distante d'ex\u00e9cuter du code arbitraire.\n\n## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2007-5360","url":"https://www.cve.org/CVERecord?id=CVE-2007-5360"},{"name":"CVE-2007-0450","url":"https://www.cve.org/CVERecord?id=CVE-2007-0450"},{"name":"CVE-2007-5135","url":"https://www.cve.org/CVERecord?id=CVE-2007-5135"},{"name":"CVE-2007-5116","url":"https://www.cve.org/CVERecord?id=CVE-2007-5116"},{"name":"CVE-2007-3004","url":"https://www.cve.org/CVERecord?id=CVE-2007-3004"},{"name":"CVE-2005-2090","url":"https://www.cve.org/CVERecord?id=CVE-2005-2090"},{"name":"CVE-2007-5398","url":"https://www.cve.org/CVERecord?id=CVE-2007-5398"},{"name":"CVE-2007-3108","url":"https://www.cve.org/CVERecord?id=CVE-2007-3108"},{"name":"CVE-2007-4572","url":"https://www.cve.org/CVERecord?id=CVE-2007-4572"},{"name":"CVE-2006-7195","url":"https://www.cve.org/CVERecord?id=CVE-2006-7195"},{"name":"CVE-2007-5191","url":"https://www.cve.org/CVERecord?id=CVE-2007-5191"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 VMWare VMSA-2008-0002 du 07 janvier    2008 :","url":"http://lists.vmware.com/pipermail/security-announce/2008/000003.html"},{"title":"Bulletin de s\u00e9curit\u00e9 VMWare VMSA-2008-0001 du 07 janvier    2008 :","url":"http://lists.vmware.com/pipermail/security-announce/2008/000002.html"}],"reference":"CERTA-2008-AVI-008","revisions":[{"description":"version initiale.","revision_date":"2008-01-08T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s sur <span class=\"textit\">VMWare ESX\nServer</span> et <span class=\"textit\">VirtualCenter Management\nServer</span> permettent notamment \u00e0 une personne malintentionn\u00e9e\ndistante d'ex\u00e9cuter du code arbitraire.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 VMWare VMSA-2008-0001 du 07 janvier 2008","url":null},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 VMWare VMSA-2008-0002 du 07 janvier 2008","url":null}]}