{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Adobe Reader 7.x.","product":{"name":"Acrobat Reader","vendor":{"name":"Adobe","scada":false}}},{"description":"Adobe Reader 6.x ;","product":{"name":"Acrobat Reader","vendor":{"name":"Adobe","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s touchent le greffon Adobe Acrobat Reader, et\nceci quelque soit le navigateur utilis\u00e9. Ces vuln\u00e9rabilit\u00e9s permettent \u00e0\nune personne malintentionn\u00e9e qui les exploiterait de conduire des\nattaques par ex\u00e9cution crois\u00e9e de code (Cross Site Scripting), par\nd\u00e9coupage de r\u00e9ponse HTTP (HTTP Response Splitting) ou par ex\u00e9cution\nforc\u00e9e de code arbitraire \u00e0 distance.\n\n## Solution\n\nRemplacer la version actuelle par la version 8.0.0 (cf. section\nDocumentation).\n","cves":[],"links":[{"title":"Page de t\u00e9l\u00e9chargement de la nouvelle version d'Acrobat    Reader :","url":"http://www.adobe.com/products/acrobat/readstep2.html"}],"reference":"CERTA-2007-AVI-003","revisions":[{"description":"version initiale.","revision_date":"2007-01-04T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Ex\u00e9cution crois\u00e9e de code ( cross site scripting )"},{"description":"D\u00e9coupage de r\u00e9ponse http ( http response splitting )"}],"summary":null,"title":"Multiples vuln\u00e9rabilit\u00e9s du greffon Adobe Acrobat Reader","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 VU#815960 de l'US-CERT","url":"http://www.kb.cert.org/vuls/id/815960"}]}