{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Microsoft Windows Vista x64 \u00c9dition, Windows Vista x64 \u00c9dition Service Pack 1, et Windows Vista x64 \u00c9dition Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Vista, Windows Vista Service Pack 1, Windows Vista Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows XP Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2003 x64 \u00c9dition Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows XP Professional x64 \u00c9dition Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2008 pour architecture x64 et Windows Server 2008 Service Pack 2 pour architecture x64 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2008 pour architecture 32-bit et Windows Server 2008 Service Pack 2 pour architecture 32-bit ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2003 Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2008 pour architecture Itanium et Windows Server 2008 Service Pack 2 pour architecture Itanium.","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2003 Service Pack 2 pour architecture Itanium ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows XP Service Pack 3 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows 2000 Service Pack 4 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nLa technologie Microsoft Windows Embedded OpenType (EOT) permet\nd'inclure dans des pages web des polices de caract\u00e8res particuli\u00e8res.\nDeux vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans le composant Microsoft Windows\nEmbedded OpenType : CVE-2009-0231 et CVE-2009-0232. Elles permettent \u00e0\nun utilisateur malintentionn\u00e9 distant d'ex\u00e9cuter du code arbitraire par\nle biais d'une page web con\u00e7ue de fa\u00e7on particuli\u00e8re.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2009-0232","url":"https://www.cve.org/CVERecord?id=CVE-2009-0232"},{"name":"CVE-2009-0231","url":"https://www.cve.org/CVERecord?id=CVE-2009-0231"}],"links":[],"reference":"CERTA-2009-AVI-274","revisions":[{"description":"version initiale.","revision_date":"2009-07-15T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":"Deux vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans le composant Microsoft Windows\nEmbedded OpenType permet \u00e0 un utilisateur distant d'ex\u00e9cuter du code\narbitraire \u00e0 distance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows Embedded OpenType","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Microsoft MS09-029 du 14 juillet 2009","url":"http://www.microsoft.com/technet/security/Bulletin/MS09-029.mspx"}]}