{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Oracle WebLogic Portal, versions 8.1 \u00e0 8.1 SP6, 9.2 \u00e0 9.2 MP3, 10.0 \u00e0 10.0MP1, 10.2 \u00e0 10.2MP1 et 10.3 \u00e0 10.3.1 ;","product":{"name":"Weblogic","vendor":{"name":"Oracle","scada":false}}},{"description":"AutoVue version 19.3 ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle Application Server 10g Release 3 (10.1.3), versions 10.1.3.4.0 et 10.1.3.5.0 ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"JDEdward Tools version 8.98 ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle Database 9i Release 2, versions 9.2.0.8 et 9.2.0.8DV ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"PeopleSoft Enterprise HCM (TAM) versions 8.9 et 9.0 ;","product":{"name":"PeopleSoft","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle WebLogic Server versions 9.0 GA, 9.1 GA et 9.2 \u00e0 9.2 MP3 ;","product":{"name":"Weblogic","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle Database 11g, version 11.1.0.7 ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle Database 10g, version 10.1.0.5 ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle WebLogic Server versions 10.0 jusqu'\u00e0 MP1 et version 10.3 ;","product":{"name":"Weblogic","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle Business Intelligence Enterprise Edition, versions 10.1.3.4.0 et 10.1.3.4.1 ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle Database 10g Release 2, versions 10.2.0.3 et 10.2.0.4 ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle Communications Order et Service Management, versions 2.8.0, 6.2.0, 6.3.0 et 6.3.1.","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle Application Server 10g Release 2 (10.1.2), version 10.1.2.3.0 ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle WebLogic Server versions 8.1 \u00e0 8.1 SP5 ;","product":{"name":"Weblogic","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle E-Business Suite Release 11i version 11.5.10.2 ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"PeopleSoft PeopleTools & Enterprise Portal version 8.49 ;","product":{"name":"PeopleSoft","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle E-Business Suite Release 12 versions 12.0.6 et 12.1 ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle JRockit R27.6.4 et versions ant\u00e9rieures (JDK/JRE 6, 5, 1.4.2) ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Agile Engineering Data Management (EDM) version 6.1 ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle WebLogic Server versions 7.0 \u00e0 7.0 SP6 ;","product":{"name":"Weblogic","vendor":{"name":"Oracle","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les diff\u00e9rents\nproduits Oracle. Ces vuln\u00e9rabilit\u00e9s touchent les produits des branches\nde gestion de base de donn\u00e9es, de serveurs applicatifs, de E-business,\nde PeopleSoft et de BEA.\n\nL'exploitation de ces nombreuses vuln\u00e9rabilit\u00e9s permet des actions\nmalveillantes diverses, dont l'ex\u00e9cution de code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2009-3399","url":"https://www.cve.org/CVERecord?id=CVE-2009-3399"},{"name":"CVE-2009-3400","url":"https://www.cve.org/CVERecord?id=CVE-2009-3400"},{"name":"CVE-2009-2002","url":"https://www.cve.org/CVERecord?id=CVE-2009-2002"},{"name":"CVE-2009-3406","url":"https://www.cve.org/CVERecord?id=CVE-2009-3406"},{"name":"CVE-2009-1972","url":"https://www.cve.org/CVERecord?id=CVE-2009-1972"},{"name":"CVE-2009-1993","url":"https://www.cve.org/CVERecord?id=CVE-2009-1993"},{"name":"CVE-2009-3403","url":"https://www.cve.org/CVERecord?id=CVE-2009-3403"},{"name":"CVE-2009-3404","url":"https://www.cve.org/CVERecord?id=CVE-2009-3404"},{"name":"CVE-2009-3392","url":"https://www.cve.org/CVERecord?id=CVE-2009-3392"},{"name":"CVE-2009-1979","url":"https://www.cve.org/CVERecord?id=CVE-2009-1979"},{"name":"CVE-2009-1995","url":"https://www.cve.org/CVERecord?id=CVE-2009-1995"},{"name":"CVE-2009-3402","url":"https://www.cve.org/CVERecord?id=CVE-2009-3402"},{"name":"CVE-2009-1998","url":"https://www.cve.org/CVERecord?id=CVE-2009-1998"},{"name":"CVE-2009-1964","url":"https://www.cve.org/CVERecord?id=CVE-2009-1964"},{"name":"CVE-2009-1990","url":"https://www.cve.org/CVERecord?id=CVE-2009-1990"},{"name":"CVE-2009-1992","url":"https://www.cve.org/CVERecord?id=CVE-2009-1992"},{"name":"CVE-2009-3396","url":"https://www.cve.org/CVERecord?id=CVE-2009-3396"},{"name":"CVE-2009-3395","url":"https://www.cve.org/CVERecord?id=CVE-2009-3395"},{"name":"CVE-2009-3408","url":"https://www.cve.org/CVERecord?id=CVE-2009-3408"},{"name":"CVE-2009-2625","url":"https://www.cve.org/CVERecord?id=CVE-2009-2625"},{"name":"CVE-2009-2000","url":"https://www.cve.org/CVERecord?id=CVE-2009-2000"},{"name":"CVE-2009-3397","url":"https://www.cve.org/CVERecord?id=CVE-2009-3397"},{"name":"CVE-2009-1965","url":"https://www.cve.org/CVERecord?id=CVE-2009-1965"},{"name":"CVE-2009-2001","url":"https://www.cve.org/CVERecord?id=CVE-2009-2001"},{"name":"CVE-2009-1018","url":"https://www.cve.org/CVERecord?id=CVE-2009-1018"},{"name":"CVE-2009-1991","url":"https://www.cve.org/CVERecord?id=CVE-2009-1991"},{"name":"CVE-2009-0217","url":"https://www.cve.org/CVERecord?id=CVE-2009-0217"},{"name":"CVE-2009-1971","url":"https://www.cve.org/CVERecord?id=CVE-2009-1971"},{"name":"CVE-2009-1985","url":"https://www.cve.org/CVERecord?id=CVE-2009-1985"},{"name":"CVE-2009-1997","url":"https://www.cve.org/CVERecord?id=CVE-2009-1997"},{"name":"CVE-2009-3405","url":"https://www.cve.org/CVERecord?id=CVE-2009-3405"},{"name":"CVE-2009-1007","url":"https://www.cve.org/CVERecord?id=CVE-2009-1007"},{"name":"CVE-2009-3409","url":"https://www.cve.org/CVERecord?id=CVE-2009-3409"},{"name":"CVE-2009-3401","url":"https://www.cve.org/CVERecord?id=CVE-2009-3401"},{"name":"CVE-2009-1999","url":"https://www.cve.org/CVERecord?id=CVE-2009-1999"},{"name":"CVE-2009-1994","url":"https://www.cve.org/CVERecord?id=CVE-2009-1994"},{"name":"CVE-2009-3407","url":"https://www.cve.org/CVERecord?id=CVE-2009-3407"},{"name":"CVE-2009-3393","url":"https://www.cve.org/CVERecord?id=CVE-2009-3393"}],"links":[],"reference":"CERTA-2009-AVI-452","revisions":[{"description":"version initiale.","revision_date":"2009-10-21T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s affectent diff\u00e9rents produits Oracle.\nL'exploitation de ces vuln\u00e9rabilit\u00e9s permet de nombreuses actions\nmalveillantes, dont l'ex\u00e9cution de code arbitraire \u00e0 distance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s des produits Oracle","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Oracle du mois d'octobre 2009","url":"http://www.oracle.com/technologiy/deploy/security/critical-patch-updates/cpuoct2009.html"}]}