{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Oracle WebLogic Server 8.1 \u00e0 8.1 SP6 ;","product":{"name":"Weblogic","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle Access Manager versions 7.0.4.3, 10.1.4.2 ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Primavera P6 Web Services 6.2.1, 7.0 et 7.0SP1.","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle WebLogic Server 10.0 \u00e0 10.0 MP2, 10.3.0 et 10.3.1 ;","product":{"name":"Weblogic","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle JRockit R27.6.5 et versions ant\u00e9rieures (JDK/JRE 6, 5, 1.4.2) ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle E-Business Suite Release 12, versions 12.0.4, 12.0.5, 12.0.6, 12.1.1 et 12.1.2 ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle WebLogic Server 9.0 GA, 9.1 GA et 9.2 \u00e0 9.2 MP3 ;","product":{"name":"Weblogic","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle Database 11g, version 11.1.0.7 ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Primavera P6 Enterprise Project Portfolio Management 6.1, 6.2.1 et 7.0 ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle E-Business Suite Release 11i, version 11.5.10.2 ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle Database 10g, version 10.1.0.5 ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"PeopleSoft Enterprise HCM (TAM), versions 8.9 et 9.0. ;","product":{"name":"PeopleSoft","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle Application Server 10g Release 2 (10.1.2), version 10.1.2.3.0 ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle Application Server 10g Release 3 (10.1.3), versions 10.1.3.4.0, 10.1.3.5*, 10.1.3.5.1* ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4 ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle Database 9i Release 2, versions 9.2.0.8, 9.2.0.8DV ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle WebLogic Server 7.0 \u00e0 7.0 SP7 ;","product":{"name":"Weblogic","vendor":{"name":"Oracle","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nDe nombreuses vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits Oracle\nsuivants :\n\n-   Oracle Database ;\n-   Oracle Application Server ;\n-   Oracle Access Manager ;\n-   Oracle E-Business Suite ;\n-   PeopleSoft Enterprise HCM (TAM) ;\n-   Oracle WebLogic Server ;\n-   Oracle JRockit ;\n-   Primavera P6 Enterprise Project Portfolio Management ;\n-   Primavera P6 Web Services.\n\nL'exploitation de ces vuln\u00e9rabilit\u00e9s permet de r\u00e9aliser diverses actions\nmalveillantes, dont l'ex\u00e9cution de code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2009-3877","url":"https://www.cve.org/CVERecord?id=CVE-2009-3877"},{"name":"CVE-2009-3414","url":"https://www.cve.org/CVERecord?id=CVE-2009-3414"},{"name":"CVE-2010-0068","url":"https://www.cve.org/CVERecord?id=CVE-2010-0068"},{"name":"CVE-2009-3871","url":"https://www.cve.org/CVERecord?id=CVE-2009-3871"},{"name":"CVE-2010-0075","url":"https://www.cve.org/CVERecord?id=CVE-2010-0075"},{"name":"CVE-2009-3416","url":"https://www.cve.org/CVERecord?id=CVE-2009-3416"},{"name":"CVE-2010-0070","url":"https://www.cve.org/CVERecord?id=CVE-2010-0070"},{"name":"CVE-2010-0077","url":"https://www.cve.org/CVERecord?id=CVE-2010-0077"},{"name":"CVE-2010-0072","url":"https://www.cve.org/CVERecord?id=CVE-2010-0072"},{"name":"CVE-2009-3867","url":"https://www.cve.org/CVERecord?id=CVE-2009-3867"},{"name":"CVE-2010-0074","url":"https://www.cve.org/CVERecord?id=CVE-2010-0074"},{"name":"CVE-2009-3410","url":"https://www.cve.org/CVERecord?id=CVE-2009-3410"},{"name":"CVE-2010-0071","url":"https://www.cve.org/CVERecord?id=CVE-2010-0071"},{"name":"CVE-2009-3872","url":"https://www.cve.org/CVERecord?id=CVE-2009-3872"},{"name":"CVE-2010-0069","url":"https://www.cve.org/CVERecord?id=CVE-2010-0069"},{"name":"CVE-2009-3415","url":"https://www.cve.org/CVERecord?id=CVE-2009-3415"},{"name":"CVE-2009-2625","url":"https://www.cve.org/CVERecord?id=CVE-2009-2625"},{"name":"CVE-2009-3876","url":"https://www.cve.org/CVERecord?id=CVE-2009-3876"},{"name":"CVE-2009-3411","url":"https://www.cve.org/CVERecord?id=CVE-2009-3411"},{"name":"CVE-2009-3875","url":"https://www.cve.org/CVERecord?id=CVE-2009-3875"},{"name":"CVE-2009-3869","url":"https://www.cve.org/CVERecord?id=CVE-2009-3869"},{"name":"CVE-2010-0080","url":"https://www.cve.org/CVERecord?id=CVE-2010-0080"},{"name":"CVE-2009-3873","url":"https://www.cve.org/CVERecord?id=CVE-2009-3873"},{"name":"CVE-2009-3412","url":"https://www.cve.org/CVERecord?id=CVE-2009-3412"},{"name":"CVE-2010-0076","url":"https://www.cve.org/CVERecord?id=CVE-2010-0076"},{"name":"CVE-2009-3874","url":"https://www.cve.org/CVERecord?id=CVE-2009-3874"},{"name":"CVE-2009-1996","url":"https://www.cve.org/CVERecord?id=CVE-2009-1996"},{"name":"CVE-2009-3868","url":"https://www.cve.org/CVERecord?id=CVE-2009-3868"},{"name":"CVE-2010-0078","url":"https://www.cve.org/CVERecord?id=CVE-2010-0078"},{"name":"CVE-2010-0079","url":"https://www.cve.org/CVERecord?id=CVE-2010-0079"},{"name":"CVE-2010-0067","url":"https://www.cve.org/CVERecord?id=CVE-2010-0067"},{"name":"CVE-2009-3413","url":"https://www.cve.org/CVERecord?id=CVE-2009-3413"},{"name":"CVE-2010-0066","url":"https://www.cve.org/CVERecord?id=CVE-2010-0066"}],"links":[],"reference":"CERTA-2010-AVI-010","revisions":[{"description":"version initiale.","revision_date":"2010-01-13T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits Oracle.\nL'exploitation de ces vuln\u00e9rabilit\u00e9s permet de r\u00e9aliser diverses actions\nmalveillantes, dont l'ex\u00e9cution de code arbitraire \u00e0 distance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans des produits Oracle","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Oracle du 13 janvier 2010","url":"http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2010.html"}]}