{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<P><SPAN class=\"textit\">Symantec Enterprise Vault</SPAN> versions  8.0, 9.0 et 10.0.</P>","content":"## Description\n\nDes vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le composant Oracle Outside\nIn int\u00e9gr\u00e9 dans Symantec Enterprise Vault. L'exploitation de ces\nvuln\u00e9rabilit\u00e9s, par l'interm\u00e9diaire d'un message \u00e9lectronique contenant\nune pi\u00e8ce jointe malveillante soumis \u00e0 l'outil d'archivage, permet de\nr\u00e9aliser un d\u00e9ni de service ou d'ex\u00e9cuter du code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2011-2267","url":"https://www.cve.org/CVERecord?id=CVE-2011-2267"},{"name":"CVE-2011-0808","url":"https://www.cve.org/CVERecord?id=CVE-2011-0808"},{"name":"CVE-2011-2264","url":"https://www.cve.org/CVERecord?id=CVE-2011-2264"},{"name":"CVE-2011-0794","url":"https://www.cve.org/CVERecord?id=CVE-2011-0794"}],"links":[],"reference":"CERTA-2011-AVI-492","revisions":[{"description":"version initiale.","revision_date":"2011-09-02T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":"Des vuln\u00e9rabilit\u00e9s dans <span class=\"textit\">Symantec Enterprise\nVault</span> permettent l'ex\u00e9cution de code arbitraire ou un d\u00e9ni de\nservice \u00e0 distance.\n","title":"Vuln\u00e9rabilit\u00e9s dans Symantec Enterprise Vault","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Symantec SYM11-011 du 01 septembre 2011","url":"http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&suid=20110901_00"}]}