{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"clients et serveurs Subversion versions 1.6.0 \u00e0 1.6.3 (incluses).","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Clients et serveurs Subversion versions 1.5.6 et ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nDe multiples d\u00e9bordements de m\u00e9moire ont \u00e9t\u00e9 d\u00e9couverts dans Subversion.\nLa biblioth\u00e8que libsvn_delta n'effectue pas suffisamment de validations\ndes flux, ce qui peut \u00eatre exploit\u00e9 pour ex\u00e9cuter du code arbitraire \u00e0\ndistance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2009-2411","url":"https://www.cve.org/CVERecord?id=CVE-2009-2411"},{"name":"CVE-2009-2412","url":"https://www.cve.org/CVERecord?id=CVE-2009-2412"}],"links":[],"reference":"CERTA-2009-AVI-320","revisions":[{"description":"version initiale.","revision_date":"2009-08-11T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s dans <span class=\"textit\">Subversion</span>\npermettent d'ex\u00e9cuter du code arbitraire \u00e0 distance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Subversion","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Subversion","url":"http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt"}]}