{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<p>AIX 5.x et 6.x.</p>","content":"## Description\n\nDes applications d\u00e9marr\u00e9es avec les droits administrateur sont\nvuln\u00e9rables \u00e0 des d\u00e9passements de m\u00e9moire permettant l'ex\u00e9cution de code\narbitraire. Des probl\u00e8mes des droits en \u00e9criture sur des fichiers ont\naussi \u00e9t\u00e9 corrig\u00e9s.\n\n## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 d'IBM pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2007-5764","url":"https://www.cve.org/CVERecord?id=CVE-2007-5764"},{"name":"CVE-2008-0588","url":"https://www.cve.org/CVERecord?id=CVE-2008-0588"},{"name":"CVE-2008-0585","url":"https://www.cve.org/CVERecord?id=CVE-2008-0585"},{"name":"CVE-2008-0584","url":"https://www.cve.org/CVERecord?id=CVE-2008-0584"},{"name":"CVE-2008-0586","url":"https://www.cve.org/CVERecord?id=CVE-2008-0586"},{"name":"CVE-2008-0587","url":"https://www.cve.org/CVERecord?id=CVE-2008-0587"},{"name":"CVE-2008-0589","url":"https://www.cve.org/CVERecord?id=CVE-2008-0589"}],"links":[{"title":"R\u00e9f\u00e9rence de support IBM IZ11242 :","url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ11242"},{"title":"R\u00e9f\u00e9rence de support IBM IZ11244 :","url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ11244"},{"title":"R\u00e9f\u00e9rence de support IBM IZ06489 :","url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ06489"},{"title":"Bulletins de s\u00e9curit\u00e9 IBM 4064, 4066, 4068, 4070, 4072,    4075 et 4078 du 22 janvier 2008 :","url":"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&id=4078"},{"title":"R\u00e9f\u00e9rence de support IBM IZ00559 :","url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ00559"},{"title":"R\u00e9f\u00e9rence de support IBM IY96095 :","url":"http://www.ibm.com/support/docview.wss?uid=isg1IY96095"},{"title":"Bulletins de s\u00e9curit\u00e9 IBM 4064, 4066, 4068, 4070, 4072,    4075 et 4078 du 22 janvier 2008 :","url":"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&id=4068"},{"title":"R\u00e9f\u00e9rence de support IBM IZ06620 :","url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ06620"},{"title":"R\u00e9f\u00e9rence de support IBM IZ0260 :","url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ06260"},{"title":"Bulletins de s\u00e9curit\u00e9 IBM 4064, 4066, 4068, 4070, 4072,    4075 et 4078 du 22 janvier 2008 :","url":"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&id=4064"},{"title":"R\u00e9f\u00e9rence de support IBM IZ06261 :","url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ06261"},{"title":"R\u00e9f\u00e9rence de support IBM IZ12745 :","url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ12745"},{"title":"Bulletins de s\u00e9curit\u00e9 IBM 4064, 4066, 4068, 4070, 4072,    4075 et 4078 du 22 janvier 2008 :","url":"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&id=4075"},{"title":"Bulletins de s\u00e9curit\u00e9 IBM 4064, 4066, 4068, 4070, 4072,    4075 et 4078 du 22 janvier 2008 :","url":"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&id=4072"},{"title":"R\u00e9f\u00e9rence de support IBM IY98331 :","url":"http://www.ibm.com/support/docview.wss?uid=isg1IY98331"},{"title":"R\u00e9f\u00e9rence de support IBM IY96101 :","url":"http://www.ibm.com/support/docview.wss?uid=isg1IY96101"},{"title":"Bulletins de s\u00e9curit\u00e9 IBM 4064, 4066, 4068, 4070, 4072,    4075 et 4078 du 22 janvier 2008 :","url":"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&id=4066"},{"title":"R\u00e9f\u00e9rence de support IBM IZ06621 :","url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ06621"},{"title":"R\u00e9f\u00e9rence de support IBM IZ10828 :","url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ10828"},{"title":"R\u00e9f\u00e9rence de support IBM IY99537 :","url":"http://www.ibm.com/support/docview.wss?uid=isg1IY99537"},{"title":"R\u00e9f\u00e9rence de support IBM IZ11243 :","url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ11243"},{"title":"Bulletin de s\u00e9curit\u00e9 iDefense 648 du 23 janvier 2008 :","url":"http://www.idefense.com/ntelligence/vulnerabilities/display.php?id=648"},{"title":"R\u00e9f\u00e9rence de support IBM IY97257 :","url":"http://www.ibm.com/support/docview.wss?uid=isg1IY97257"},{"title":"Bulletins de s\u00e9curit\u00e9 IBM 4064, 4066, 4068, 4070, 4072,    4075 et 4078 du 22 janvier 2008 :","url":"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&id=4070"},{"title":"R\u00e9f\u00e9rence de support IBM IY98340 :","url":"http://www.ibm.com/support/docview.wss?uid=isg1IY98340"},{"title":"R\u00e9f\u00e9rence de support IBM IZ06488 :","url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ06488"}],"reference":"CERTA-2008-AVI-038","revisions":[{"description":"version initiale.","revision_date":"2008-01-25T00:00:00.000000"},{"description":"ajouts des r\u00e9f\u00e9rences CVE et des diff\u00e9rentes notes de support IBM.","revision_date":"2008-02-05T00:00:00.000000"}],"risks":[{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Ex\u00e9cution de code arbitraire"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans IBM AIX.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans IBM AIX","vendor_advisories":[{"published_at":null,"title":"Bulletins de s\u00e9curit\u00e9 IBM 4064, 4066, 4068, 4070, 4072, 4075 et 4078 du 22 janvier 2008","url":null}]}