{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Microsoft Windows NT Terminal Server Edition 4.0 Service Pack 6 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows NT Workstation 4.0 Service Pack 6a ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows NT Server 4.0 Service Pack 6a ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows 2000 Service Pack 2, Service Pack 3 et Service Pack 4 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nLe composant POSIX (Portable Operating System Interface for UNIX) de\nMicrosoft permet d'ex\u00e9cuter des applications UNIX POSIX. Cette \u00e9mulation\nest inclue dans Microsoft Windows NT 4.0 et Microsoft Windows 2000\n(Microsoft Windows XP et Microsoft Windows Server 2003 ne contiennent\npas l'\u00e9mulation POSIX).  \nUne vuln\u00e9rabilit\u00e9 de type d\u00e9bordement de tampon est pr\u00e9sente dans le\ncomposant POSIX et permet \u00e0 un utilisateur local mal intentionn\u00e9\nd'\u00e9lever ses privil\u00e8ges.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de Microsoft pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[],"links":[],"reference":"CERTA-2004-AVI-238","revisions":[{"description":"version initiale.","revision_date":"2004-07-15T00:00:00.000000"}],"risks":[{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"Une vuln\u00e9rabilit\u00e9 dans le composant POSIX de Microsoft permet \u00e0 un\nutilisateur local d'\u00e9lever ses privil\u00e8ges.\n","title":"Vuln\u00e9rabilit\u00e9 du composant POSIX de Microsoft","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Microsoft MS04-020","url":"http://www.microsoft.com/technet/security/bulletin/ms04-020.mspx"}]}