{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<P>MySQL 5.1.x.</P>","content":"## Description\n\nDe nombreuses vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans certaines versions de MySQL\npeuvent \u00eatre exploit\u00e9es par un utilisateur distant malintentionn\u00e9 afin\nde contourner la politique de s\u00e9curit\u00e9, de porter atteinte \u00e0 la\nconfidentialit\u00e9 et/ou \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es, de provoquer un d\u00e9ni de\nservice ou d'ex\u00e9cuter du code arbitraire.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2008-0226","url":"https://www.cve.org/CVERecord?id=CVE-2008-0226"},{"name":"CVE-2007-6313","url":"https://www.cve.org/CVERecord?id=CVE-2007-6313"},{"name":"CVE-2007-5969","url":"https://www.cve.org/CVERecord?id=CVE-2007-5969"},{"name":"CVE-2007-5970","url":"https://www.cve.org/CVERecord?id=CVE-2007-5970"},{"name":"CVE-2008-0227","url":"https://www.cve.org/CVERecord?id=CVE-2008-0227"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2007:1155 du 18 d\u00e9cembre    2007 :","url":"http://rhn.redhat.com/errata/RHSA-2007-1155.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Debian DSA-1451 du 06 janvier 2008 :","url":"http://www.debian.org/security/2008/DSA-1451"},{"title":"Bulletin de s\u00e9curit\u00e9 SuSE SUSE-SR:2008:003 du 07 f\u00e9vrier    2008 :","url":"http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Mandriva MDVSA-2007:243 du 10 d\u00e9cembre    2007 :","url":"http://www.mandriva.com/en/security/advisories?name=MDVSA-2007:243"},{"title":"Journal des modifications MySQL du 29 janvier 2008    :","url":"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Ubuntu USN-559-1 du 21 d\u00e9cembre 2007 :","url":"http://www.ubuntu.com/usn/usn-559-1"}],"reference":"CERTA-2008-AVI-088","revisions":[{"description":"version initiale.","revision_date":"2008-02-14T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":null,"title":"Multiples vuln\u00e9rabilit\u00e9s dans MySQL","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 SuSE SUSE-SR:2008:003 du 07 f\u00e9vrier 2008","url":null}]}