{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Microsoft Windows Server 2003 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Millennium Edition ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows NT Workstation 4.0 Service Pack 6a ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2003 64-Bit Edition ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows 98 et 98 SE ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows XP 64-Bit Edition Service Pack 1 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows NT Terminal Server Edition 4.0 Service Pack 6a ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Internet Explorer 6.0 Service Pack 1 install\u00e9 sur Windows NT 4.0 SP6a.","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows XP 64-Bit Edition Version 2003 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows NT Server 4.0 Service Pack 6a ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows 2000 Service Pack 2, Service Pack 3 et Service Pack 4 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows XP et XP Service Pack 1 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nUn concepteur de site mal intentionn\u00e9 peut, en attirant un utilisateur\nsur une page judicieusement compos\u00e9e, exploiter une vuln\u00e9rabilit\u00e9\npr\u00e9sente dans l'interpr\u00e9teur de commandes lors du lancement d'une\napplication. Cette vuln\u00e9rabilit\u00e9 entra\u00eene l'ex\u00e9cution de code arbitraire\navec les privil\u00e8ges de l'utilisateur.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 Microsoft pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[],"links":[],"reference":"CERTA-2004-AVI-242","revisions":[{"description":"version initiale.","revision_date":"2004-07-15T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":"Une vuln\u00e9rabilit\u00e9 pr\u00e9sente dans l'interpr\u00e9teur de commandes de Microsoft\nWindows permet \u00e0 un utilisateur distant mal intentionn\u00e9 d'ex\u00e9cuter du\ncode arbitraire \u00e0 distance.\n","title":"Vuln\u00e9rabilit\u00e9 dans l'interpr\u00e9teur de commandes Windows","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Microsoft MS04-024","url":"http://www.microsoft.com/technet/security/bulletin/ms04-024.mspx"}]}