{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Java for Business, JDK/JRE 6 Update 18 et ant\u00e9rieures pour Windows, Solaris, et Linux ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Java for Business, SDK/JRE 1.4.2_25 et ant\u00e9rieures pour Windows, Solaris, et Linux.","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Java SE, JDK/JRE 6 Update 18 et ant\u00e9rieures pour Windows, Solaris, et Linux ;","product":{"name":"Java SE","vendor":{"name":"Oracle","scada":false}}},{"description":"Java SE, SDK 1.4.2_25 et ant\u00e9rieures pour Solaris ;","product":{"name":"Java SE","vendor":{"name":"Oracle","scada":false}}},{"description":"Java for Business, JDK/JRE 5.0 Update 23 et ant\u00e9rieures pour Windows, Solaris, et Linux ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Java SE, JDK 5.0 Update 23 et ant\u00e9rieures pour Solaris ;","product":{"name":"Java SE","vendor":{"name":"Oracle","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Java :\n\n-   une erreur dans le code de la classe HeadspaceSoundbank peut\n    provoquer un d\u00e9bordement de m\u00e9moire par le biais d'un fichier\n    Soundbank sp\u00e9cialement con\u00e7u ;\n-   une erreur dans le traitement des images peut provoquer un\n    d\u00e9bordement de m\u00e9moire par le biais d'une applet Java sp\u00e9cialement\n    con\u00e7ue ;\n-   plusieurs autres vuln\u00e9rabilit\u00e9s non pr\u00e9cis\u00e9es sont pr\u00e9sentes dans\n    les composants Oracle Java.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2010-0090","url":"https://www.cve.org/CVERecord?id=CVE-2010-0090"},{"name":"CVE-2010-0840","url":"https://www.cve.org/CVERecord?id=CVE-2010-0840"},{"name":"CVE-2010-0846","url":"https://www.cve.org/CVERecord?id=CVE-2010-0846"},{"name":"CVE-2010-0844","url":"https://www.cve.org/CVERecord?id=CVE-2010-0844"},{"name":"CVE-2010-0841","url":"https://www.cve.org/CVERecord?id=CVE-2010-0841"},{"name":"CVE-2010-0845","url":"https://www.cve.org/CVERecord?id=CVE-2010-0845"},{"name":"CVE-2010-0089","url":"https://www.cve.org/CVERecord?id=CVE-2010-0089"},{"name":"CVE-2010-0847","url":"https://www.cve.org/CVERecord?id=CVE-2010-0847"},{"name":"CVE-2009-3335","url":"https://www.cve.org/CVERecord?id=CVE-2009-3335"},{"name":"CVE-2010-0843","url":"https://www.cve.org/CVERecord?id=CVE-2010-0843"},{"name":"CVE-2010-0839","url":"https://www.cve.org/CVERecord?id=CVE-2010-0839"},{"name":"CVE-2010-0849","url":"https://www.cve.org/CVERecord?id=CVE-2010-0849"},{"name":"CVE-2010-0093","url":"https://www.cve.org/CVERecord?id=CVE-2010-0093"},{"name":"CVE-2010-0848","url":"https://www.cve.org/CVERecord?id=CVE-2010-0848"},{"name":"CVE-2010-0092","url":"https://www.cve.org/CVERecord?id=CVE-2010-0092"},{"name":"CVE-2010-0085","url":"https://www.cve.org/CVERecord?id=CVE-2010-0085"},{"name":"CVE-2010-0095","url":"https://www.cve.org/CVERecord?id=CVE-2010-0095"},{"name":"CVE-2010-0091","url":"https://www.cve.org/CVERecord?id=CVE-2010-0091"},{"name":"CVE-2010-0084","url":"https://www.cve.org/CVERecord?id=CVE-2010-0084"},{"name":"CVE-2010-0088","url":"https://www.cve.org/CVERecord?id=CVE-2010-0088"},{"name":"CVE-2010-0842","url":"https://www.cve.org/CVERecord?id=CVE-2010-0842"},{"name":"CVE-2010-0837","url":"https://www.cve.org/CVERecord?id=CVE-2010-0837"},{"name":"CVE-2010-0094","url":"https://www.cve.org/CVERecord?id=CVE-2010-0094"},{"name":"CVE-2010-0082","url":"https://www.cve.org/CVERecord?id=CVE-2010-0082"},{"name":"CVE-2010-0087","url":"https://www.cve.org/CVERecord?id=CVE-2010-0087"},{"name":"CVE-2010-0838","url":"https://www.cve.org/CVERecord?id=CVE-2010-0838"},{"name":"CVE-2010-0850","url":"https://www.cve.org/CVERecord?id=CVE-2010-0850"}],"links":[],"reference":"CERTA-2010-AVI-152","revisions":[{"description":"version initiale.","revision_date":"2010-04-01T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"Plusieurs vuln\u00e9rabilit\u00e9s d\u00e9couvertes dans Oracle Java peuvent \u00eatre\nexploit\u00e9es par un utilisateur malintentionn\u00e9 afin de compromettre le\nsyst\u00e8me ou d'entraver son bon fonctionnement.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Oracle Java","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Oracle Java de mars 2010","url":"http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html"}]}