{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<P>IBM Netezza WebAdmin version 7.0</P>","content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2012-5760","url":"https://www.cve.org/CVERecord?id=CVE-2012-5760"},{"name":"CVE-2012-5761","url":"https://www.cve.org/CVERecord?id=CVE-2012-5761"},{"name":"CVE-2012-5940","url":"https://www.cve.org/CVERecord?id=CVE-2012-5940"},{"name":"CVE-2012-5763","url":"https://www.cve.org/CVERecord?id=CVE-2012-5763"},{"name":"CVE-2012-5941","url":"https://www.cve.org/CVERecord?id=CVE-2012-5941"},{"name":"CVE-2012-5762","url":"https://www.cve.org/CVERecord?id=CVE-2012-5762"}],"links":[],"reference":"CERTA-2013-AVI-108","revisions":[{"description":"version initiale.","revision_date":"2013-02-08T00:00:00.000000"}],"risks":[{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Injection de code indirecte \u00e0 distance"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans <span\nclass=\"textit\">IBM Netezza WebAdmin</span>. Elles permettent \u00e0 un\nattaquant de provoquer une atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es, une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une injection de code\nindirecte \u00e0 distance (XSS). La plus critique force Internet Explorer \u00e0\nutiliser le protocole MHTML pour voler la session d'un utilisateur.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans IBM Netezza WebAdmin","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM swg21624568 du 06 f\u00e9vrier 2013","url":"http://www-01.ibm.com/support/docview.wss?uid=swg21624568"}]}