{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Mac OS X Server version 10.4.11 ainsi que celles ant\u00e9rieures.","product":{"name":"N/A","vendor":{"name":"Apple","scada":false}}},{"description":"Mac OS X Server version 10.5.6 ainsi que celles ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"Apple","scada":false}}},{"description":"Mac OS X version 10.5.6 ainsi que celles ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"Apple","scada":false}}},{"description":"Mac OS X version 10.4.11 ainsi que celles ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"Apple","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le syst\u00e8me\nd'exploitation Apple Mac OS X. Elles touchent divers composants et\nservices install\u00e9s comme CFNetworks (manipulation des \u00e9changes HTTP),\nCoreGraphics (manipulation de fichiers PDF), Help Viewer (manipulation\nde l'URI help:), QuickDraw Manager (manipulation d'images PICT), Safari\n(manipulation de l'URI feed:), OpenSSL, PHP, WebKit, X11, etc.\n\nL'exploitation de certaines de ces vuln\u00e9rabilit\u00e9s peut conduire \u00e0\nl'ex\u00e9cution de code arbitraire \u00e0 distance sur le syst\u00e8me vuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 2009-002 de Apple pour l'obtention\ndes correctifs (cf. section Documentation).\n","cves":[{"name":"CVE-2009-0160","url":"https://www.cve.org/CVERecord?id=CVE-2009-0160"},{"name":"CVE-2009-0147","url":"https://www.cve.org/CVERecord?id=CVE-2009-0147"},{"name":"CVE-2008-3652","url":"https://www.cve.org/CVERecord?id=CVE-2008-3652"},{"name":"CVE-2009-0846","url":"https://www.cve.org/CVERecord?id=CVE-2009-0846"},{"name":"CVE-2008-5557","url":"https://www.cve.org/CVERecord?id=CVE-2008-5557"},{"name":"CVE-2009-0847","url":"https://www.cve.org/CVERecord?id=CVE-2009-0847"},{"name":"CVE-2009-0155","url":"https://www.cve.org/CVERecord?id=CVE-2009-0155"},{"name":"CVE-2008-3657","url":"https://www.cve.org/CVERecord?id=CVE-2008-3657"},{"name":"CVE-2009-0153","url":"https://www.cve.org/CVERecord?id=CVE-2009-0153"},{"name":"CVE-2008-1517","url":"https://www.cve.org/CVERecord?id=CVE-2008-1517"},{"name":"CVE-2008-3660","url":"https://www.cve.org/CVERecord?id=CVE-2008-3660"},{"name":"CVE-2008-3529","url":"https://www.cve.org/CVERecord?id=CVE-2008-3529"},{"name":"CVE-2008-0456","url":"https://www.cve.org/CVERecord?id=CVE-2008-0456"},{"name":"CVE-2009-0943","url":"https://www.cve.org/CVERecord?id=CVE-2009-0943"},{"name":"CVE-2009-0157","url":"https://www.cve.org/CVERecord?id=CVE-2009-0157"},{"name":"CVE-2008-3651","url":"https://www.cve.org/CVERecord?id=CVE-2008-3651"},{"name":"CVE-2009-0010","url":"https://www.cve.org/CVERecord?id=CVE-2009-0010"},{"name":"CVE-2009-0040","url":"https://www.cve.org/CVERecord?id=CVE-2009-0040"},{"name":"CVE-2008-1382","url":"https://www.cve.org/CVERecord?id=CVE-2008-1382"},{"name":"CVE-2004-1185","url":"https://www.cve.org/CVERecord?id=CVE-2004-1185"},{"name":"CVE-2009-0148","url":"https://www.cve.org/CVERecord?id=CVE-2009-0148"},{"name":"CVE-2008-2371","url":"https://www.cve.org/CVERecord?id=CVE-2008-2371"},{"name":"CVE-2008-3658","url":"https://www.cve.org/CVERecord?id=CVE-2008-3658"},{"name":"CVE-2008-3443","url":"https://www.cve.org/CVERecord?id=CVE-2008-3443"},{"name":"CVE-2008-3659","url":"https://www.cve.org/CVERecord?id=CVE-2008-3659"},{"name":"CVE-2009-0025","url":"https://www.cve.org/CVERecord?id=CVE-2009-0025"},{"name":"CVE-2008-3863","url":"https://www.cve.org/CVERecord?id=CVE-2008-3863"},{"name":"CVE-2008-2383","url":"https://www.cve.org/CVERecord?id=CVE-2008-2383"},{"name":"CVE-2008-3530","url":"https://www.cve.org/CVERecord?id=CVE-2008-3530"},{"name":"CVE-2009-0149","url":"https://www.cve.org/CVERecord?id=CVE-2009-0149"},{"name":"CVE-2009-0154","url":"https://www.cve.org/CVERecord?id=CVE-2009-0154"},{"name":"CVE-2008-3790","url":"https://www.cve.org/CVERecord?id=CVE-2008-3790"},{"name":"CVE-2009-0159","url":"https://www.cve.org/CVERecord?id=CVE-2009-0159"},{"name":"CVE-2008-2829","url":"https://www.cve.org/CVERecord?id=CVE-2008-2829"},{"name":"CVE-2009-0165","url":"https://www.cve.org/CVERecord?id=CVE-2009-0165"},{"name":"CVE-2009-0144","url":"https://www.cve.org/CVERecord?id=CVE-2009-0144"},{"name":"CVE-2009-0162","url":"https://www.cve.org/CVERecord?id=CVE-2009-0162"},{"name":"CVE-2008-3655","url":"https://www.cve.org/CVERecord?id=CVE-2008-3655"},{"name":"CVE-2004-1186","url":"https://www.cve.org/CVERecord?id=CVE-2004-1186"},{"name":"CVE-2008-2665","url":"https://www.cve.org/CVERecord?id=CVE-2008-2665"},{"name":"CVE-2009-0114","url":"https://www.cve.org/CVERecord?id=CVE-2009-0114"},{"name":"CVE-2008-2666","url":"https://www.cve.org/CVERecord?id=CVE-2008-2666"},{"name":"CVE-2009-0021","url":"https://www.cve.org/CVERecord?id=CVE-2009-0021"},{"name":"CVE-2009-0519","url":"https://www.cve.org/CVERecord?id=CVE-2009-0519"},{"name":"CVE-2009-0145","url":"https://www.cve.org/CVERecord?id=CVE-2009-0145"},{"name":"CVE-2008-3656","url":"https://www.cve.org/CVERecord?id=CVE-2008-3656"},{"name":"CVE-2009-0146","url":"https://www.cve.org/CVERecord?id=CVE-2009-0146"},{"name":"CVE-2009-0844","url":"https://www.cve.org/CVERecord?id=CVE-2009-0844"},{"name":"CVE-2009-0942","url":"https://www.cve.org/CVERecord?id=CVE-2009-0942"},{"name":"CVE-2009-0152","url":"https://www.cve.org/CVERecord?id=CVE-2009-0152"},{"name":"CVE-2009-0156","url":"https://www.cve.org/CVERecord?id=CVE-2009-0156"},{"name":"CVE-2009-0946","url":"https://www.cve.org/CVERecord?id=CVE-2009-0946"},{"name":"CVE-2009-0150","url":"https://www.cve.org/CVERecord?id=CVE-2009-0150"},{"name":"CVE-2008-4309","url":"https://www.cve.org/CVERecord?id=CVE-2008-4309"},{"name":"CVE-2007-2754","url":"https://www.cve.org/CVERecord?id=CVE-2007-2754"},{"name":"CVE-2009-0845","url":"https://www.cve.org/CVERecord?id=CVE-2009-0845"},{"name":"CVE-2009-0944","url":"https://www.cve.org/CVERecord?id=CVE-2009-0944"},{"name":"CVE-2009-0164","url":"https://www.cve.org/CVERecord?id=CVE-2009-0164"},{"name":"CVE-2009-0520","url":"https://www.cve.org/CVERecord?id=CVE-2009-0520"},{"name":"CVE-2008-2939","url":"https://www.cve.org/CVERecord?id=CVE-2008-2939"},{"name":"CVE-2009-0161","url":"https://www.cve.org/CVERecord?id=CVE-2009-0161"},{"name":"CVE-2008-0158","url":"https://www.cve.org/CVERecord?id=CVE-2008-0158"},{"name":"CVE-2004-1184","url":"https://www.cve.org/CVERecord?id=CVE-2004-1184"},{"name":"CVE-2008-5077","url":"https://www.cve.org/CVERecord?id=CVE-2008-5077"},{"name":"CVE-2006-0747","url":"https://www.cve.org/CVERecord?id=CVE-2006-0747"},{"name":"CVE-2009-0945","url":"https://www.cve.org/CVERecord?id=CVE-2009-0945"}],"links":[{"title":"D\u00e9tails concernant la mise \u00e0 jour de s\u00e9curit\u00e9 2009-002 du    12 mai 2009\u00a0:","url":"http://support.apple.com/kb/HT3397"},{"title":"Bulletin de s\u00e9curit\u00e9 Apple 61798 du 12 mai 2009 :","url":"http://docs.info.apple.com/article.html?artnum=61798"},{"title":"D\u00e9tails concernant la mise \u00e0 jour de s\u00e9curit\u00e9 2009-002 du    12 mai 2009\u00a0:","url":"http://support.apple.com/kb/HT3549"}],"reference":"CERTA-2009-AVI-186","revisions":[{"description":"version initiale.","revision_date":"2009-05-13T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":"Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le syst\u00e8me\nd'exploitation Apple Mac OS X. L'exploitation de certaines d'entre elles\npeut conduire \u00e0 l'ex\u00e9cution de code arbitraire \u00e0 distance sur le syst\u00e8me\nvuln\u00e9rable.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Apple Mac OS X","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 2009-002 Apple du 12 mai 2009","url":null}]}