{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<p>Les versions de Safari ant\u00e9rieures \u00e0  4.0 pour les syst\u00e8mes d'exploitation suivants :  <UL>    <LI>Mac OS X 10.4.x ;</LI>    <LI>Mac OS X 10.5.x ;</LI>    <LI>Mac OS X Server 10.4.x ;</LI>    <LI>Mac OS X Server 10.5.x ;</LI>    <LI>Windows XP ;</LI>    <LI>Windows Vista.</LI>  </UL></p>","content":"## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s dans Apple Safari ont \u00e9t\u00e9 corrig\u00e9es dont :\n\n-   Des images identifi\u00e9es comme des fichiers HTML permettent\n    l'ex\u00e9cution automatique de Javascript ;\n-   plusieurs corruptions m\u00e9moire affectant le composant CoreGraphics\n    permettent l'ex\u00e9cution de code arbitraire (Microsoft Windows) \u00e0\n    distance ;\n-   plusieurs vuln\u00e9rabilit\u00e9s affectent le composant WebKit et\n    permettent, entre autre, des attaques en XSS ou l'ex\u00e9cution de code\n    arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2006-2783","url":"https://www.cve.org/CVERecord?id=CVE-2006-2783"},{"name":"CVE-2009-1702","url":"https://www.cve.org/CVERecord?id=CVE-2009-1702"},{"name":"CVE-2008-4226","url":"https://www.cve.org/CVERecord?id=CVE-2008-4226"},{"name":"CVE-2009-1697","url":"https://www.cve.org/CVERecord?id=CVE-2009-1697"},{"name":"CVE-2008-4225","url":"https://www.cve.org/CVERecord?id=CVE-2008-4225"},{"name":"CVE-2009-1710","url":"https://www.cve.org/CVERecord?id=CVE-2009-1710"},{"name":"CVE-2009-1694","url":"https://www.cve.org/CVERecord?id=CVE-2009-1694"},{"name":"CVE-2009-0153","url":"https://www.cve.org/CVERecord?id=CVE-2009-0153"},{"name":"CVE-2009-1686","url":"https://www.cve.org/CVERecord?id=CVE-2009-1686"},{"name":"CVE-2009-1688","url":"https://www.cve.org/CVERecord?id=CVE-2009-1688"},{"name":"CVE-2008-3529","url":"https://www.cve.org/CVERecord?id=CVE-2008-3529"},{"name":"CVE-2009-1685","url":"https://www.cve.org/CVERecord?id=CVE-2009-1685"},{"name":"CVE-2009-1696","url":"https://www.cve.org/CVERecord?id=CVE-2009-1696"},{"name":"CVE-2009-0040","url":"https://www.cve.org/CVERecord?id=CVE-2009-0040"},{"name":"CVE-2009-1707","url":"https://www.cve.org/CVERecord?id=CVE-2009-1707"},{"name":"CVE-2009-1709","url":"https://www.cve.org/CVERecord?id=CVE-2009-1709"},{"name":"CVE-2009-1708","url":"https://www.cve.org/CVERecord?id=CVE-2009-1708"},{"name":"CVE-2009-1704","url":"https://www.cve.org/CVERecord?id=CVE-2009-1704"},{"name":"CVE-2009-1698","url":"https://www.cve.org/CVERecord?id=CVE-2009-1698"},{"name":"CVE-2009-1701","url":"https://www.cve.org/CVERecord?id=CVE-2009-1701"},{"name":"CVE-2009-1682","url":"https://www.cve.org/CVERecord?id=CVE-2009-1682"},{"name":"CVE-2009-1693","url":"https://www.cve.org/CVERecord?id=CVE-2009-1693"},{"name":"CVE-2009-1684","url":"https://www.cve.org/CVERecord?id=CVE-2009-1684"},{"name":"CVE-2009-1705","url":"https://www.cve.org/CVERecord?id=CVE-2009-1705"},{"name":"CVE-2009-1703","url":"https://www.cve.org/CVERecord?id=CVE-2009-1703"},{"name":"CVE-2008-2320","url":"https://www.cve.org/CVERecord?id=CVE-2008-2320"},{"name":"CVE-2009-1712","url":"https://www.cve.org/CVERecord?id=CVE-2009-1712"},{"name":"CVE-2009-1714","url":"https://www.cve.org/CVERecord?id=CVE-2009-1714"},{"name":"CVE-2008-3281","url":"https://www.cve.org/CVERecord?id=CVE-2008-3281"},{"name":"CVE-2009-1695","url":"https://www.cve.org/CVERecord?id=CVE-2009-1695"},{"name":"CVE-2008-3632","url":"https://www.cve.org/CVERecord?id=CVE-2008-3632"},{"name":"CVE-2009-1681","url":"https://www.cve.org/CVERecord?id=CVE-2009-1681"},{"name":"CVE-2009-1718","url":"https://www.cve.org/CVERecord?id=CVE-2009-1718"},{"name":"CVE-2008-1588","url":"https://www.cve.org/CVERecord?id=CVE-2008-1588"},{"name":"CVE-2008-4409","url":"https://www.cve.org/CVERecord?id=CVE-2008-4409"},{"name":"CVE-2009-1691","url":"https://www.cve.org/CVERecord?id=CVE-2009-1691"},{"name":"CVE-2009-0145","url":"https://www.cve.org/CVERecord?id=CVE-2009-0145"},{"name":"CVE-2009-1179","url":"https://www.cve.org/CVERecord?id=CVE-2009-1179"},{"name":"CVE-2009-1689","url":"https://www.cve.org/CVERecord?id=CVE-2009-1689"},{"name":"CVE-2009-1687","url":"https://www.cve.org/CVERecord?id=CVE-2009-1687"},{"name":"CVE-2009-1713","url":"https://www.cve.org/CVERecord?id=CVE-2009-1713"},{"name":"CVE-2009-1699","url":"https://www.cve.org/CVERecord?id=CVE-2009-1699"},{"name":"CVE-2009-0946","url":"https://www.cve.org/CVERecord?id=CVE-2009-0946"},{"name":"CVE-2009-1716","url":"https://www.cve.org/CVERecord?id=CVE-2009-1716"},{"name":"CVE-2009-1706","url":"https://www.cve.org/CVERecord?id=CVE-2009-1706"},{"name":"CVE-2009-1700","url":"https://www.cve.org/CVERecord?id=CVE-2009-1700"},{"name":"CVE-2009-1690","url":"https://www.cve.org/CVERecord?id=CVE-2009-1690"},{"name":"CVE-2008-2321","url":"https://www.cve.org/CVERecord?id=CVE-2008-2321"},{"name":"CVE-2009-1711","url":"https://www.cve.org/CVERecord?id=CVE-2009-1711"},{"name":"CVE-2008-4231","url":"https://www.cve.org/CVERecord?id=CVE-2008-4231"},{"name":"CVE-2009-1715","url":"https://www.cve.org/CVERecord?id=CVE-2009-1715"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Apple HT3613 du 08 juin 2009 :","url":"http://support.apple.com/kb/HT3613"}],"reference":"CERTA-2009-AVI-223","revisions":[{"description":"version initiale.","revision_date":"2009-06-10T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s dans Apple Safari permettant, entre autre,\nl'ex\u00e9cution de code arbitraire \u00e0 distance ont \u00e9t\u00e9 corrig\u00e9es.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Apple Safari","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Apple HT3613 du 8 juin 2009","url":null}]}