{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"VMware vMA 4.0 sans le patch 3.","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"VMware ESX 3.0.3 ;","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"VMware ESX 3.5 ;","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"VMware ESX 2.5.5 ;","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"VMware ESX 4.0 sans les patchs SX400-201002404-SG, SX400-201002406-SG, SX400-201002407-SG ;","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nLes vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans les produits VMware peuvent \u00eatre\nexploit\u00e9es afin de porter atteinte \u00e0 l'int\u00e9grit\u00e9 et \u00e0 la confidentialit\u00e9\ndes donn\u00e9es, de r\u00e9aliser un d\u00e9ni de service, d'injecter et d'ex\u00e9cuter\nindirectement du code arbitraire, d'\u00e9lever ses privil\u00e8ges ou d'ex\u00e9cuter\ndu code arbitraire.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2009-2905","url":"https://www.cve.org/CVERecord?id=CVE-2009-2905"},{"name":"CVE-2009-1387","url":"https://www.cve.org/CVERecord?id=CVE-2009-1387"},{"name":"CVE-2009-3560","url":"https://www.cve.org/CVERecord?id=CVE-2009-3560"},{"name":"CVE-2009-2849","url":"https://www.cve.org/CVERecord?id=CVE-2009-2849"},{"name":"CVE-2009-3916","url":"https://www.cve.org/CVERecord?id=CVE-2009-3916"},{"name":"CVE-2009-0115","url":"https://www.cve.org/CVERecord?id=CVE-2009-0115"},{"name":"CVE-2009-1379","url":"https://www.cve.org/CVERecord?id=CVE-2009-1379"},{"name":"CVE-2009-3613","url":"https://www.cve.org/CVERecord?id=CVE-2009-3613"},{"name":"CVE-2009-4022","url":"https://www.cve.org/CVERecord?id=CVE-2009-4022"},{"name":"CVE-2009-3563","url":"https://www.cve.org/CVERecord?id=CVE-2009-3563"},{"name":"CVE-2009-3620","url":"https://www.cve.org/CVERecord?id=CVE-2009-3620"},{"name":"CVE-2009-1189","url":"https://www.cve.org/CVERecord?id=CVE-2009-1189"},{"name":"CVE-2009-3228","url":"https://www.cve.org/CVERecord?id=CVE-2009-3228"},{"name":"CVE-2009-3547","url":"https://www.cve.org/CVERecord?id=CVE-2009-3547"},{"name":"CVE-2009-2695","url":"https://www.cve.org/CVERecord?id=CVE-2009-2695"},{"name":"CVE-2008-4316","url":"https://www.cve.org/CVERecord?id=CVE-2008-4316"},{"name":"CVE-2009-1378","url":"https://www.cve.org/CVERecord?id=CVE-2009-1378"},{"name":"CVE-2008-3916","url":"https://www.cve.org/CVERecord?id=CVE-2008-3916"},{"name":"CVE-2009-1386","url":"https://www.cve.org/CVERecord?id=CVE-2009-1386"},{"name":"CVE-2009-1377","url":"https://www.cve.org/CVERecord?id=CVE-2009-1377"},{"name":"CVE-2009-0590","url":"https://www.cve.org/CVERecord?id=CVE-2009-0590"},{"name":"CVE-2009-3286","url":"https://www.cve.org/CVERecord?id=CVE-2009-3286"},{"name":"CVE-2008-4552","url":"https://www.cve.org/CVERecord?id=CVE-2008-4552"},{"name":"CVE-2009-3612","url":"https://www.cve.org/CVERecord?id=CVE-2009-3612"},{"name":"CVE-2009-3621","url":"https://www.cve.org/CVERecord?id=CVE-2009-3621"},{"name":"CVE-2009-3720","url":"https://www.cve.org/CVERecord?id=CVE-2009-3720"},{"name":"CVE-2009-2904","url":"https://www.cve.org/CVERecord?id=CVE-2009-2904"},{"name":"CVE-2009-2908","url":"https://www.cve.org/CVERecord?id=CVE-2009-2908"},{"name":"CVE-2009-3726","url":"https://www.cve.org/CVERecord?id=CVE-2009-3726"}],"links":[],"reference":"CERTA-2010-AVI-106","revisions":[{"description":"version initiale.","revision_date":"2010-03-04T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Injection de code indirecte \u00e0 distance"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"Plusieurs vuln\u00e9rabilit\u00e9s d\u00e9couvertes dans les produits VMware peuvent\n\u00eatre exploit\u00e9es \u00e0 distance par un utilisateur malintentionn\u00e9 afin de\ncompromettre le syst\u00e8me ou d'entraver son bon fonctionnement.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 VMware du 03 mars 2010","url":"http://lists.vmware.com/pipermail/security-announce/2010/000082.html"}]}