{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<p>Safari pour Mac OS et Windows versions  ant\u00e9rieures \u00e0 5.1.4.</p>","content":"## Description\n\nDe tr\u00e8s nombreuses vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le navigateur\nSafari :\n\n-   de multiples probl\u00e8mes de corruption m\u00e9moire permettent \u00e0 un\n    attaquant d'ex\u00e9cuter du code arbitraire sur le client \u00e0 l'aide de\n    pages Web sp\u00e9cialement con\u00e7ues ;\n-   l'affichage des caract\u00e8res dans la barre d'adresse permet de tromper\n    un utilisateur sur l'identit\u00e9 du site qu'il visite ;\n-   certaines informations sur l'historique des pages visit\u00e9es sont\n    enregistr\u00e9es m\u00eame quand l'option 'Navigation priv\u00e9e' est activ\u00e9e ;\n-   plusieurs vuln\u00e9rabilit\u00e9s permettent une injection de code indirecte\n    \u00e0 distance;\n-   des cookies peuvent \u00eatre r\u00e9v\u00e9l\u00e9s \u00e0 un site ill\u00e9gitime.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2012-0602","url":"https://www.cve.org/CVERecord?id=CVE-2012-0602"},{"name":"CVE-2012-0589","url":"https://www.cve.org/CVERecord?id=CVE-2012-0589"},{"name":"CVE-2012-0597","url":"https://www.cve.org/CVERecord?id=CVE-2012-0597"},{"name":"CVE-2011-2860","url":"https://www.cve.org/CVERecord?id=CVE-2011-2860"},{"name":"CVE-2011-2855","url":"https://www.cve.org/CVERecord?id=CVE-2011-2855"},{"name":"CVE-2012-0628","url":"https://www.cve.org/CVERecord?id=CVE-2012-0628"},{"name":"CVE-2012-0623","url":"https://www.cve.org/CVERecord?id=CVE-2012-0623"},{"name":"CVE-2012-0588","url":"https://www.cve.org/CVERecord?id=CVE-2012-0588"},{"name":"CVE-2012-0607","url":"https://www.cve.org/CVERecord?id=CVE-2012-0607"},{"name":"CVE-2011-2867","url":"https://www.cve.org/CVERecord?id=CVE-2011-2867"},{"name":"CVE-2012-0640","url":"https://www.cve.org/CVERecord?id=CVE-2012-0640"},{"name":"CVE-2012-0613","url":"https://www.cve.org/CVERecord?id=CVE-2012-0613"},{"name":"CVE-2011-2847","url":"https://www.cve.org/CVERecord?id=CVE-2011-2847"},{"name":"CVE-2012-0630","url":"https://www.cve.org/CVERecord?id=CVE-2012-0630"},{"name":"CVE-2011-2866","url":"https://www.cve.org/CVERecord?id=CVE-2011-2866"},{"name":"CVE-2012-0587","url":"https://www.cve.org/CVERecord?id=CVE-2012-0587"},{"name":"CVE-2011-2825","url":"https://www.cve.org/CVERecord?id=CVE-2011-2825"},{"name":"CVE-2012-0586","url":"https://www.cve.org/CVERecord?id=CVE-2012-0586"},{"name":"CVE-2011-2846","url":"https://www.cve.org/CVERecord?id=CVE-2011-2846"},{"name":"CVE-2012-0608","url":"https://www.cve.org/CVERecord?id=CVE-2012-0608"},{"name":"CVE-2012-0590","url":"https://www.cve.org/CVERecord?id=CVE-2012-0590"},{"name":"CVE-2012-0606","url":"https://www.cve.org/CVERecord?id=CVE-2012-0606"},{"name":"CVE-2012-0633","url":"https://www.cve.org/CVERecord?id=CVE-2012-0633"},{"name":"CVE-2011-3885","url":"https://www.cve.org/CVERecord?id=CVE-2011-3885"},{"name":"CVE-2012-0595","url":"https://www.cve.org/CVERecord?id=CVE-2012-0595"},{"name":"CVE-2012-0596","url":"https://www.cve.org/CVERecord?id=CVE-2012-0596"},{"name":"CVE-2012-0627","url":"https://www.cve.org/CVERecord?id=CVE-2012-0627"},{"name":"CVE-2012-0626","url":"https://www.cve.org/CVERecord?id=CVE-2012-0626"},{"name":"CVE-2012-0593","url":"https://www.cve.org/CVERecord?id=CVE-2012-0593"},{"name":"CVE-2012-0617","url":"https://www.cve.org/CVERecord?id=CVE-2012-0617"},{"name":"CVE-2012-0592","url":"https://www.cve.org/CVERecord?id=CVE-2012-0592"},{"name":"CVE-2011-2873","url":"https://www.cve.org/CVERecord?id=CVE-2011-2873"},{"name":"CVE-2012-0585","url":"https://www.cve.org/CVERecord?id=CVE-2012-0585"},{"name":"CVE-2012-0611","url":"https://www.cve.org/CVERecord?id=CVE-2012-0611"},{"name":"CVE-2012-0612","url":"https://www.cve.org/CVERecord?id=CVE-2012-0612"},{"name":"CVE-2012-0599","url":"https://www.cve.org/CVERecord?id=CVE-2012-0599"},{"name":"CVE-2012-0601","url":"https://www.cve.org/CVERecord?id=CVE-2012-0601"},{"name":"CVE-2011-3928","url":"https://www.cve.org/CVERecord?id=CVE-2011-3928"},{"name":"CVE-2012-0614","url":"https://www.cve.org/CVERecord?id=CVE-2012-0614"},{"name":"CVE-2012-0616","url":"https://www.cve.org/CVERecord?id=CVE-2012-0616"},{"name":"CVE-2012-0609","url":"https://www.cve.org/CVERecord?id=CVE-2012-0609"},{"name":"CVE-2012-0621","url":"https://www.cve.org/CVERecord?id=CVE-2012-0621"},{"name":"CVE-2012-0631","url":"https://www.cve.org/CVERecord?id=CVE-2012-0631"},{"name":"CVE-2012-0600","url":"https://www.cve.org/CVERecord?id=CVE-2012-0600"},{"name":"CVE-2011-2857","url":"https://www.cve.org/CVERecord?id=CVE-2011-2857"},{"name":"CVE-2012-0584","url":"https://www.cve.org/CVERecord?id=CVE-2012-0584"},{"name":"CVE-2011-2868","url":"https://www.cve.org/CVERecord?id=CVE-2011-2868"},{"name":"CVE-2011-3909","url":"https://www.cve.org/CVERecord?id=CVE-2011-3909"},{"name":"CVE-2012-0618","url":"https://www.cve.org/CVERecord?id=CVE-2012-0618"},{"name":"CVE-2012-0622","url":"https://www.cve.org/CVERecord?id=CVE-2012-0622"},{"name":"CVE-2011-2869","url":"https://www.cve.org/CVERecord?id=CVE-2011-2869"},{"name":"CVE-2012-0624","url":"https://www.cve.org/CVERecord?id=CVE-2012-0624"},{"name":"CVE-2012-0604","url":"https://www.cve.org/CVERecord?id=CVE-2012-0604"},{"name":"CVE-2012-0620","url":"https://www.cve.org/CVERecord?id=CVE-2012-0620"},{"name":"CVE-2012-0603","url":"https://www.cve.org/CVERecord?id=CVE-2012-0603"},{"name":"CVE-2011-3888","url":"https://www.cve.org/CVERecord?id=CVE-2011-3888"},{"name":"CVE-2012-0647","url":"https://www.cve.org/CVERecord?id=CVE-2012-0647"},{"name":"CVE-2012-0637","url":"https://www.cve.org/CVERecord?id=CVE-2012-0637"},{"name":"CVE-2012-0629","url":"https://www.cve.org/CVERecord?id=CVE-2012-0629"},{"name":"CVE-2011-2854","url":"https://www.cve.org/CVERecord?id=CVE-2011-2854"},{"name":"CVE-2012-0610","url":"https://www.cve.org/CVERecord?id=CVE-2012-0610"},{"name":"CVE-2012-0648","url":"https://www.cve.org/CVERecord?id=CVE-2012-0648"},{"name":"CVE-2012-0632","url":"https://www.cve.org/CVERecord?id=CVE-2012-0632"},{"name":"CVE-2012-0619","url":"https://www.cve.org/CVERecord?id=CVE-2012-0619"},{"name":"CVE-2011-2870","url":"https://www.cve.org/CVERecord?id=CVE-2011-2870"},{"name":"CVE-2011-2833","url":"https://www.cve.org/CVERecord?id=CVE-2011-2833"},{"name":"CVE-2012-0594","url":"https://www.cve.org/CVERecord?id=CVE-2012-0594"},{"name":"CVE-2011-3908","url":"https://www.cve.org/CVERecord?id=CVE-2011-3908"},{"name":"CVE-2012-0625","url":"https://www.cve.org/CVERecord?id=CVE-2012-0625"},{"name":"CVE-2012-0605","url":"https://www.cve.org/CVERecord?id=CVE-2012-0605"},{"name":"CVE-2011-2871","url":"https://www.cve.org/CVERecord?id=CVE-2011-2871"},{"name":"CVE-2012-0635","url":"https://www.cve.org/CVERecord?id=CVE-2012-0635"},{"name":"CVE-2012-0615","url":"https://www.cve.org/CVERecord?id=CVE-2012-0615"},{"name":"CVE-2012-0636","url":"https://www.cve.org/CVERecord?id=CVE-2012-0636"},{"name":"CVE-2012-0591","url":"https://www.cve.org/CVERecord?id=CVE-2012-0591"},{"name":"CVE-2012-0639","url":"https://www.cve.org/CVERecord?id=CVE-2012-0639"},{"name":"CVE-2011-3897","url":"https://www.cve.org/CVERecord?id=CVE-2011-3897"},{"name":"CVE-2012-0598","url":"https://www.cve.org/CVERecord?id=CVE-2012-0598"},{"name":"CVE-2011-2877","url":"https://www.cve.org/CVERecord?id=CVE-2011-2877"},{"name":"CVE-2011-2872","url":"https://www.cve.org/CVERecord?id=CVE-2011-2872"},{"name":"CVE-2012-0638","url":"https://www.cve.org/CVERecord?id=CVE-2012-0638"},{"name":"CVE-2011-3887","url":"https://www.cve.org/CVERecord?id=CVE-2011-3887"},{"name":"CVE-2011-3881","url":"https://www.cve.org/CVERecord?id=CVE-2011-3881"}],"links":[],"reference":"CERTA-2012-AVI-141","revisions":[{"description":"version initiale.","revision_date":"2012-03-14T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":"De tr\u00e8s nombreuses vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Safari, pour de\nnombreux impacts dont l'ex\u00e9cution de code arbitraire \u00e0 distance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Safari","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Apple HT5190 du 12 mars 2012","url":"http://support.apple.com/kb/HT5190"}]}