{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"VMware Server 2.x ;","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"VMware VIX API ;","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"VMware Fusion 3.x et 2.x ;","product":{"name":"Fusion","vendor":{"name":"VMware","scada":false}}},{"description":"VMware ACE 2.x ;","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"VMware ESX et ESXi ;","product":{"name":"ESXi","vendor":{"name":"VMware","scada":false}}},{"description":"VMware Workstation 7.x et 6.x ;","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"VMware Player 3.x et 2.x ;","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s affectant les produits VMware ont \u00e9t\u00e9\npubli\u00e9es. Elles permettent \u00e0 un utilisateur malveillant d'effcetuer\ndiverses atteintes \u00e0 la s\u00e9curit\u00e9 du syst\u00e8me vuln\u00e9rable :\n\n-   ex\u00e9cution de code arbitraire \u00e0 distance dans le contexte de\n    l'utilisateur connect\u00e9 ;\n-   ex\u00e9cution de code arbitraire ;\n-   d\u00e9ni de service local ;\n-   atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es par utilisation de la pile\n    r\u00e9seau virtuelle ;\n-   \u00e9l\u00e9vation de privil\u00e8ges sur des syst\u00e8mes Windows.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2009-3707","url":"https://www.cve.org/CVERecord?id=CVE-2009-3707"},{"name":"CVE-2009-1142","url":"https://www.cve.org/CVERecord?id=CVE-2009-1142"},{"name":"CVE-2009-1141","url":"https://www.cve.org/CVERecord?id=CVE-2009-1141"},{"name":"CVE-2010-1139","url":"https://www.cve.org/CVERecord?id=CVE-2010-1139"},{"name":"CVE-2009-1564","url":"https://www.cve.org/CVERecord?id=CVE-2009-1564"},{"name":"CVE-2009-1565","url":"https://www.cve.org/CVERecord?id=CVE-2009-1565"},{"name":"CVE-2009-3732","url":"https://www.cve.org/CVERecord?id=CVE-2009-3732"},{"name":"CVE-2009-1140","url":"https://www.cve.org/CVERecord?id=CVE-2009-1140"},{"name":"CVE-2009-2042","url":"https://www.cve.org/CVERecord?id=CVE-2009-2042"},{"name":"CVE-2010-1138","url":"https://www.cve.org/CVERecord?id=CVE-2010-1138"}],"links":[],"reference":"CERTA-2010-AVI-162","revisions":[{"description":"version initiale.","revision_date":"2010-04-09T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire"},{"description":"D\u00e9ni de service"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s affectant les produits VMware ont \u00e9t\u00e9\npubli\u00e9es. Elles permettent \u00e0 un utilisateur malveillant d'effcetuer\ndiverses atteintes \u00e0 la s\u00e9curit\u00e9 du syst\u00e8me vuln\u00e9rable.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 VMware VMSA-2010-0007 du 09 avril 2010","url":"http://lists.vmware.com/pipermail/security-announce/2010/000090.html"}]}