{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Java for Business, JDK et JRE 5.0 mise \u00e0 jour 27 et versions ant\u00e9rieures pour Windows, Solaris et Linux ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Java SE, JDK 5.0 mise \u00e0 jour 27 et versions ant\u00e9rieures pour Solaris 9 ;","product":{"name":"Java SE","vendor":{"name":"Oracle","scada":false}}},{"description":"Java for Business, JDK et JRE 6 mise \u00e0 jour 23 et versions ant\u00e9rieures pour Windows, Solaris et Linux ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Java for Business, SDK et JRE 1.4.2_29 et versions ant\u00e9rieures pour Windows, Solaris et Linux.","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Java SE, JDK et JRE 6 mise \u00e0 jour 23 et versions ant\u00e9rieures pour Windows, Solaris et Linux ;","product":{"name":"Java SE","vendor":{"name":"Oracle","scada":false}}},{"description":"Java SE, SDK 1.4.2_29 et versions ant\u00e9rieures pour Solaris 8 ;","product":{"name":"Java SE","vendor":{"name":"Oracle","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nOracle a publi\u00e9 un correctif trimestriel corrigeant 25 vuln\u00e9rabilit\u00e9s,\nexploitables \u00e0 distance pour 23 d'entre elles.\n\nCertaines permettent \u00e0 un utilisateur malveillant d'ex\u00e9cuter du code\narbitraire \u00e0 distance, les autres, de porter atteinte \u00e0 l'int\u00e9grit\u00e9\net/ou \u00e0 la confidentialit\u00e9 des donn\u00e9es pr\u00e9sentes sur le syst\u00e8me\nvuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2010-4476","url":"https://www.cve.org/CVERecord?id=CVE-2010-4476"},{"name":"CVE-2010-4465","url":"https://www.cve.org/CVERecord?id=CVE-2010-4465"},{"name":"CVE-2010-4470","url":"https://www.cve.org/CVERecord?id=CVE-2010-4470"},{"name":"CVE-2010-4473","url":"https://www.cve.org/CVERecord?id=CVE-2010-4473"},{"name":"CVE-2010-4447","url":"https://www.cve.org/CVERecord?id=CVE-2010-4447"},{"name":"CVE-2010-4451","url":"https://www.cve.org/CVERecord?id=CVE-2010-4451"},{"name":"CVE-2010-4452","url":"https://www.cve.org/CVERecord?id=CVE-2010-4452"},{"name":"CVE-2010-4467","url":"https://www.cve.org/CVERecord?id=CVE-2010-4467"},{"name":"CVE-2010-4450","url":"https://www.cve.org/CVERecord?id=CVE-2010-4450"},{"name":"CVE-2010-4468","url":"https://www.cve.org/CVERecord?id=CVE-2010-4468"},{"name":"CVE-2010-4422","url":"https://www.cve.org/CVERecord?id=CVE-2010-4422"},{"name":"CVE-2010-4448","url":"https://www.cve.org/CVERecord?id=CVE-2010-4448"},{"name":"CVE-2010-4462","url":"https://www.cve.org/CVERecord?id=CVE-2010-4462"},{"name":"CVE-2010-4471","url":"https://www.cve.org/CVERecord?id=CVE-2010-4471"},{"name":"CVE-2010-4454","url":"https://www.cve.org/CVERecord?id=CVE-2010-4454"},{"name":"CVE-2010-4472","url":"https://www.cve.org/CVERecord?id=CVE-2010-4472"},{"name":"CVE-2010-4463","url":"https://www.cve.org/CVERecord?id=CVE-2010-4463"},{"name":"CVE-2010-4469","url":"https://www.cve.org/CVERecord?id=CVE-2010-4469"},{"name":"CVE-2010-4475","url":"https://www.cve.org/CVERecord?id=CVE-2010-4475"},{"name":"CVE-2010-4466","url":"https://www.cve.org/CVERecord?id=CVE-2010-4466"},{"name":"CVE-2010-4474","url":"https://www.cve.org/CVERecord?id=CVE-2010-4474"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 HP c02775276 du 01 juin 2011 :","url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02775276"},{"title":"Bulletin de s\u00e9curit\u00e9 Apple du 08 mars 2011 pour Mac OS X    10.6 :","url":"http://support.apple.com/kb/HT4562"},{"title":"Bulletin de s\u00e9curit\u00e9 Apple du 08 mars 2011 pour Mac OS X    10.5 :","url":"http://support.apple.com/kb/HT4563"},{"title":"Bulletin de s\u00e9curit\u00e9 Oracle javacpufeb2011-304611 du 15    f\u00e9vrier 2011 :","url":"http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html"},{"title":"Document du CERTA CERTA-2011-AVI-079 du 10 f\u00e9vrier 2011 :","url":"http://www.certa.ssi.gouv.fr/site/CERTA-2011-AVI-079/index.html"}],"reference":"CERTA-2011-AVI-093","revisions":[{"description":"version initiale.","revision_date":"2011-02-16T00:00:00.000000"},{"description":"ajout de la mise \u00e0 jour de Java pour les syst\u00e8mes Mac OS X.","revision_date":"2011-03-09T00:00:00.000000"},{"description":"ajout de la mise \u00e0 jour de Java pour les syst\u00e8mes HP-UX.","revision_date":"2011-06-06T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De nombreuses vuln\u00e9rabilit\u00e9s affectant Oracle Java ont \u00e9t\u00e9 corrig\u00e9es.\nCertaines permettent \u00e0 un utilisateur malveillant d'ex\u00e9cuter du code\narbitraire \u00e0 distance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Oracle Java","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Oracle javacpufeb2011-304611 du 15 f\u00e9vrier 2011","url":null}]}