{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"VMware ESX 3.0.3 ne disposant pas de la mise \u00e0 jour ESXe350-200811401-BG ;","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"VMware Player 2.5.1 et versions ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"VMware Server 1.0.8 et versions ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"VMware ESX 3.0.2 ne disposant pas de la mise \u00e0 jour ESX-1006980.","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"VMware ACE 2.5.1 et versions ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"VMware Workstation 6.5.1 et versions ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"VMware Server 2.0 ;","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"VMware ESXi 3.5 ne disposant pas des mises \u00e0 jour ESXe350-200811401-SG et ESXe350-200903201-UG ;","product":{"name":"ESXi","vendor":{"name":"VMware","scada":false}}},{"description":"VMware ESXi 3.5 ne disposant pas des mises \u00e0 jour ESXe350-200811401-O-SG et ESXe350-200903201-O-UG ;","product":{"name":"ESXi","vendor":{"name":"VMware","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nDe nombreuses vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nVMware. Ces vuln\u00e9rabilit\u00e9s permettent en particulier de r\u00e9aliser de\nnombreuses actions malveillantes depuis une machine virtuelle vers une\nmachine h\u00f4te.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 VMSA-2009-0005 du 3 avril 2009 pour\nl'obtention des correctifs (cf. section Documentation).\n","cves":[{"name":"CVE-2009-1146","url":"https://www.cve.org/CVERecord?id=CVE-2009-1146"},{"name":"CVE-2008-4916","url":"https://www.cve.org/CVERecord?id=CVE-2008-4916"},{"name":"CVE-2008-3761","url":"https://www.cve.org/CVERecord?id=CVE-2008-3761"},{"name":"CVE-2009-0910","url":"https://www.cve.org/CVERecord?id=CVE-2009-0910"},{"name":"CVE-2009-0909","url":"https://www.cve.org/CVERecord?id=CVE-2009-0909"},{"name":"CVE-2009-1244","url":"https://www.cve.org/CVERecord?id=CVE-2009-1244"},{"name":"CVE-2009-0908","url":"https://www.cve.org/CVERecord?id=CVE-2009-0908"},{"name":"CVE-2009-1147","url":"https://www.cve.org/CVERecord?id=CVE-2009-1147"},{"name":"CVE-2009-0518","url":"https://www.cve.org/CVERecord?id=CVE-2009-0518"},{"name":"CVE-2009-0177","url":"https://www.cve.org/CVERecord?id=CVE-2009-0177"}],"links":[],"reference":"CERTA-2009-AVI-137","revisions":[{"description":"version initiale.","revision_date":"2009-04-14T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire"},{"description":"D\u00e9ni de service"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De nombreuses vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nVMware. L'exploitation de ces vuln\u00e9rabilit\u00e9s permet de r\u00e9aliser un grand\nnombre d'actions malveillantes, dont l'ex\u00e9cution de code arbitraire \u00e0\ndistance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s des produits VMWare","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 VMSA-2009-0005 du 3 avril 2009","url":"http://lists.vmware.com/pipermail/security-announce/2009/000054.html"}]}