IBM BladeCenter Advanced Management Module firmware 1.x.
","content":"## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans IBM BladeCenter Advanced\nManagement Module. Ces vuln\u00e9rabilit\u00e9s permettent \u00e0 une personne\nmalintentionn\u00e9e d'effectuer des injections de code indirectes (xss), des\ninjections de requ\u00eates ill\u00e9gitimes par rebond (csrf) et/ou de porter\natteinte \u00e0 la confidentialit\u00e9 de certaines donn\u00e9es.\n\n## Solution\n\nLa mise \u00e0 jour du microgiciel en version 1.42U corrige les probl\u00e8mes.\n","cves":[{"name":"CVE-2009-1290","url":"https://www.cve.org/CVERecord?id=CVE-2009-1290"},{"name":"CVE-2009-1289","url":"https://www.cve.org/CVERecord?id=CVE-2009-1289"},{"name":"CVE-2009-1288","url":"https://www.cve.org/CVERecord?id=CVE-2009-1288"}],"links":[{"title":"Obtention et liste des modifications du Firmware v1.42U (BPET42U) :","url":"http://www-947.ibm.com/systems/support/supportsite.wss/docdisplay?Indocid=MIGR-5076204&brandind=5000020"},{"title":"Obtention et liste des modifications du Firmware v1.42U (BBET42U) :","url":"http://www-947.ibm.com/systems/support/supportsite.wss/docdisplay?Indocid=MIGR-5076206&brandind=5000020"}],"reference":"CERTA-2009-AVI-151","revisions":[{"description":"version initiale.","revision_date":"2009-04-17T00:00:00.000000"}],"risks":[{"description":"Injection de code indirecte"},{"description":"Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le microgiciel