{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Sun Java JRE 1.4.x ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Sun Java JRE 1.5.x ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Java Web Start 1.x ;","product":{"name":"Web","vendor":{"name":"Centreon","scada":false}}},{"description":"Sun Java SDK 1.3.x ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Sun Java JRE 6.x ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Sun Java SDK 1.4.x.","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Java Web Start 3.x ;","product":{"name":"Web","vendor":{"name":"Centreon","scada":false}}},{"description":"Sun Java JDK 1.6.x ;","product":{"name":"N/A","vendor":{"name":"Centreon","scada":false}}},{"description":"Sun Java JRE 5.x ;","product":{"name":"N/A","vendor":{"name":"Centreon","scada":false}}},{"description":"Java Web Start 2.x ;","product":{"name":"Web","vendor":{"name":"Centreon","scada":false}}},{"description":"Sun Java JRE 1.6.x ;","product":{"name":"N/A","vendor":{"name":"Centreon","scada":false}}},{"description":"Sun Java JRE 1.3.x ;","product":{"name":"N/A","vendor":{"name":"Centreon","scada":false}}},{"description":"Sun Java JDK 1.5.x ;","product":{"name":"N/A","vendor":{"name":"Centreon","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s d\u00e9couvertes dans la machine virtuelle Java de\nSun permettent \u00e0 un utilisateur distant malintentionn\u00e9 de contourner la\npolitique de s\u00e9curit\u00e9, de porter atteinte \u00e0 la confidentialit\u00e9 et/ou \u00e0\nl'int\u00e9grit\u00e9 des donn\u00e9es, de provoquer un d\u00e9ni de service, d'\u00e9l\u00e9ver ses\nprivil\u00e8ges ou d'ex\u00e9cuter du code.\n\n## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2008-3114","url":"https://www.cve.org/CVERecord?id=CVE-2008-3114"},{"name":"CVE-2008-3115","url":"https://www.cve.org/CVERecord?id=CVE-2008-3115"},{"name":"CVE-2008-3106","url":"https://www.cve.org/CVERecord?id=CVE-2008-3106"},{"name":"CVE-2008-3108","url":"https://www.cve.org/CVERecord?id=CVE-2008-3108"},{"name":"CVE-2008-3111","url":"https://www.cve.org/CVERecord?id=CVE-2008-3111"},{"name":"CVE-2008-3113","url":"https://www.cve.org/CVERecord?id=CVE-2008-3113"},{"name":"CVE-2008-3104","url":"https://www.cve.org/CVERecord?id=CVE-2008-3104"},{"name":"CVE-2008-3110","url":"https://www.cve.org/CVERecord?id=CVE-2008-3110"},{"name":"CVE-2008-3109","url":"https://www.cve.org/CVERecord?id=CVE-2008-3109"},{"name":"CVE-2008-3103","url":"https://www.cve.org/CVERecord?id=CVE-2008-3103"},{"name":"CVE-2008-3112","url":"https://www.cve.org/CVERecord?id=CVE-2008-3112"},{"name":"CVE-2008-3107","url":"https://www.cve.org/CVERecord?id=CVE-2008-3107"},{"name":"CVE-2008-3105","url":"https://www.cve.org/CVERecord?id=CVE-2008-3105"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 SUSE-SA:2008:043 du 04 septembre 2008    :","url":"http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Sun #238905 du 08 juillet 2008 :","url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-238905-1"},{"title":"Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2008:1043 du 18 d\u00e9cembre    2008\u00a0:","url":"https://rhn.redhat.com/errata/RHSA-2008-1043.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Sun #238967 du 08 juillet 2008 :","url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-238967-1"},{"title":"Bulletin de s\u00e9curit\u00e9 SUSE-SA:2008:042 du 25 ao\u00fbt 2008 :","url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Sun #238628 du 08 juillet 2008 :","url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-238628-1"},{"title":"Bulletin de s\u00e9curit\u00e9 Sun #238687 du 08 juillet 2008 :","url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-238687-1"},{"title":"Bulletin de s\u00e9curit\u00e9 Sun #238968 du 08 juillet 2008 :","url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-238968-1"},{"title":"Bulletin de s\u00e9curit\u00e9 Sun #238966 du 08 juillet 2008 :","url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-238966-1"},{"title":"Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2008:0906 du 24 octobre    2008\u00a0:","url":"https://rhn.redhat.com/errata/RHSA-2008-0906.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2008:0955 du 25 novembre    2008\u00a0:","url":"https://rhn.redhat.com/errata/RHSA-2008-0955.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2008:1044 du 18 d\u00e9cembre    2008\u00a0:","url":"https://rhn.redhat.com/errata/RHSA-2008-1044.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2008:0790 du 31 juillet    2008 :","url":"https://rhn.redhat.com/errata/RHSA-2008-0790.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2008:0595 du 14 juillet    2008 :","url":"https://rhn.redhat.com/errata/RHSA-2008-0595.html"},{"title":"Bulletin de r\u00e9sum\u00e9 de s\u00e9curit\u00e9 SUSE-SR:2008:028 du 16    d\u00e9cembre 2008\u00a0:","url":"http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Sun #238666 du 08 juillet 2008 :","url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-238666-1"},{"title":"Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2008:1045 du 18 d\u00e9cembre    2008\u00a0:","url":"https://rhn.redhat.com/errata/RHSA-2008-1045.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Sun #238965 du 08 juillet 2008 :","url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-238965-1"}],"reference":"CERTA-2008-AVI-366","revisions":[{"description":"version initiale.","revision_date":"2008-07-11T00:00:00.000000"},{"description":"ajout des r\u00e9f\u00e9rences aux bulletins SuSE et Red Hat.","revision_date":"2008-09-18T00:00:00.000000"},{"description":"ajout de nouvelles r\u00e9f\u00e9rences Red Hat.","revision_date":"2008-12-23T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":null,"title":"Multiples vuln\u00e9rabilit\u00e9s dans la machine virtuelle Java de Sun","vendor_advisories":[{"published_at":null,"title":"Bulletins de s\u00e9curit\u00e9 Sun du 08 juillet 2008","url":null}]}