{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Mozilla Firefox 2.0.0.16 et versions ant\u00e9rieures ;","product":{"name":"Firefox","vendor":{"name":"Mozilla","scada":false}}},{"description":"Mozilla Thunderbird 2.0.0.16 et versions ant\u00e9rieures ;","product":{"name":"Thunderbird","vendor":{"name":"Mozilla","scada":false}}},{"description":"Mozilla Firefox 3.0.1 ;","product":{"name":"Firefox","vendor":{"name":"Mozilla","scada":false}}},{"description":"Mozilla SeaMonkey 1.1.11 et versions ant\u00e9rieures.","product":{"name":"N/A","vendor":{"name":"Mozilla","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nUn tr\u00e8s grand nombre de vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les\nproduits Mozilla Firefox 3, Firefox 2, Thunderbird et SeaMonkey.\nL'exploitation de ces vuln\u00e9rabilit\u00e9s permet \u00e0 un utilisateur\nmalintentionn\u00e9 de r\u00e9aliser diverses actions, dont l'ex\u00e9cution de code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 des \u00e9diteurs pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2008-4058","url":"https://www.cve.org/CVERecord?id=CVE-2008-4058"},{"name":"CVE-2008-4060","url":"https://www.cve.org/CVERecord?id=CVE-2008-4060"},{"name":"CVE-2008-4065","url":"https://www.cve.org/CVERecord?id=CVE-2008-4065"},{"name":"CVE-2008-0016","url":"https://www.cve.org/CVERecord?id=CVE-2008-0016"},{"name":"CVE-2008-4061","url":"https://www.cve.org/CVERecord?id=CVE-2008-4061"},{"name":"CVE-2008-4059","url":"https://www.cve.org/CVERecord?id=CVE-2008-4059"},{"name":"CVE-2008-4069","url":"https://www.cve.org/CVERecord?id=CVE-2008-4069"},{"name":"CVE-2008-4062","url":"https://www.cve.org/CVERecord?id=CVE-2008-4062"},{"name":"CVE-2008-4067","url":"https://www.cve.org/CVERecord?id=CVE-2008-4067"},{"name":"CVE-2008-3837","url":"https://www.cve.org/CVERecord?id=CVE-2008-3837"},{"name":"CVE-2008-4068","url":"https://www.cve.org/CVERecord?id=CVE-2008-4068"},{"name":"CVE-2008-4066","url":"https://www.cve.org/CVERecord?id=CVE-2008-4066"},{"name":"CVE-2008-3835","url":"https://www.cve.org/CVERecord?id=CVE-2008-3835"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla    2008/MFSA2008-37 du 23 septembre 2008 :","url":"http://www.mozilla.org/security/announce/2008/mfsa2008-37.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Ubuntu","url":"http://www.ubuntu.com/usn/usn-647-1"},{"title":"Bulletin de s\u00e9curit\u00e9 Debian DSA-1649-1 du 08 octobre 2008 :","url":"http://lists.debian.org/debian-security-announce/2008/msg00240.html"},{"title":"Bulletin de s\u00e9curit\u00e9 FEDORA-2008-8425","url":"https://www.redhat.com/archives/fedora-package-announce/2008-september/msg01334.html"},{"title":"Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2008:0882-24 du 23    septembre 2008 :","url":"http://rhn.redhat.com/errata/RHSA-2008-0882/html"},{"title":"Bulletin de s\u00e9curit\u00e9 openSUSE SUSE-SA:2008:050 du 08    octobre 2008 :","url":"http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html"},{"title":"Bulletin de s\u00e9curit\u00e9 FEDORA-2008-8399","url":"https://www.redhat.com/archives/fedora-package-announce/2008-september/msg01362.html"},{"title":"Bulletin de s\u00e9curit\u00e9 FEDORA-2008-8425","url":"https://www.redhat.com/archives/fedora-package-announce/2008-september/msg01335.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Ubuntu","url":"http://www.ubuntu.com/usn/usn-645-2"},{"title":"Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla    2008/MFSA2008-38 du 23 septembre 2008 :","url":"http://www.mozilla.org/security/announce/2008/mfsa2008-38.html"},{"title":"Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla    2008/MFSA2008-45 du 23 septembre 2008 :","url":"http://www.mozilla.org/security/announce/2008/mfsa2008-45.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Ubuntu","url":"http://www.ubuntu.com/usn/usn-645-1"},{"title":"Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla    2008/MFSA2008-43 du 23 septembre 2008 :","url":"http://www.mozilla.org/security/announce/2008/mfsa2008-43.html"},{"title":"Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla    2008/MFSA2008-42 du 23 septembre 2008 :","url":"http://www.mozilla.org/security/announce/2008/mfsa2008-42.html"},{"title":"Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla    2008/MFSA2008-40 du 23 septembre 2008 :","url":"http://www.mozilla.org/security/announce/2008/mfsa2008-40.html"},{"title":"Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla    2008/MFSA2008-39 du 23 septembre 2008 :","url":"http://www.mozilla.org/security/announce/2008/mfsa2008-39.html"},{"title":"Bulletin de s\u00e9curit\u00e9 FEDORA-2008-8401","url":"https://www.redhat.com/archives/fedora-package-announce/2008-september/msg01384.html"},{"title":"Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla    2008/MFSA2008-44 du 23 septembre 2008 :","url":"http://www.mozilla.org/security/announce/2008/mfsa2008-44.html"},{"title":"Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla    2008/MFSA2008-41 du 23 septembre 2008 :","url":"http://www.mozilla.org/security/announce/2008/mfsa2008-41.html"},{"title":"Bulletin de s\u00e9curit\u00e9 FEDORA-2008-8429","url":"https://www.redhat.com/archives/fedora-package-announce/2008-september/msg01403.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Redhat RHSA-2008-0879      http://rhn.redhat.com/errata/RHSA-2008-0879.html","url":"http://rhn.redhat.com/erata/RHSA-2008-0879.html"}],"reference":"CERTA-2008-AVI-473","revisions":[{"description":"version initiale.","revision_date":"2008-09-24T00:00:00.000000"},{"description":"Ajout Ubuntu et FEDORA","revision_date":"2008-09-30T00:00:00.000000"},{"description":"Ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 Debian, openSUSE et RedHat.","revision_date":"2008-10-14T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nMozilla. Ces vuln\u00e9rabilit\u00e9s peuvent \u00eatre exploit\u00e9es afin r\u00e9aliser des\nactions malveillantes diverses.\n","title":"Multiples vuln\u00e9rabilit\u00e9s des produits Mozilla","vendor_advisories":[{"published_at":null,"title":"Bulletins de mise \u00e0 jour Mozilla du 23 septembre 2008","url":null}]}