{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"VMware Workstation 6.0.x ;","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"VMware ACE 1.0.x ;","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"VMware Player 1.0.x ;","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"VMware Server 1.0.x ;","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"VMware Player 2.0.x ;","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"VMware ACE 2.0.x ;","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"VMware Workstation 5.5.x ;","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"VMware Fusion 1.x.","product":{"name":"Fusion","vendor":{"name":"VMware","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s d\u00e9couvertes dans les produits VMware permettent\n\u00e0 un utilisateur malveillant, \u00e0 partir d'un syst\u00e8me virtualis\u00e9, de\ncontourner la politique de s\u00e9curit\u00e9 pour porter atteinte \u00e0 la\nconfidentialit\u00e9 et \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es du syst\u00e8me h\u00f4te.\n\nD'autres vuln\u00e9rabilit\u00e9s permettent \u00e0 un utilisateur malintentionn\u00e9 de\nprovoquer un d\u00e9ni de service ou d'\u00e9lever ses privil\u00e8ges \u00e0 l'int\u00e9rieur\nd'un syst\u00e8me virtuel.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2006-4339","url":"https://www.cve.org/CVERecord?id=CVE-2006-4339"},{"name":"CVE-2006-2940","url":"https://www.cve.org/CVERecord?id=CVE-2006-2940"},{"name":"CVE-2008-1362","url":"https://www.cve.org/CVERecord?id=CVE-2008-1362"},{"name":"CVE-2008-1361","url":"https://www.cve.org/CVERecord?id=CVE-2008-1361"},{"name":"CVE-2008-1340","url":"https://www.cve.org/CVERecord?id=CVE-2008-1340"},{"name":"CVE-2008-1364","url":"https://www.cve.org/CVERecord?id=CVE-2008-1364"},{"name":"CVE-2006-4343","url":"https://www.cve.org/CVERecord?id=CVE-2006-4343"},{"name":"CVE-2008-1363","url":"https://www.cve.org/CVERecord?id=CVE-2008-1363"},{"name":"CVE-2007-5269","url":"https://www.cve.org/CVERecord?id=CVE-2007-5269"},{"name":"CVE-2007-5618","url":"https://www.cve.org/CVERecord?id=CVE-2007-5618"},{"name":"CVE-2006-2937","url":"https://www.cve.org/CVERecord?id=CVE-2006-2937"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 VMware VMSA-2008-0005 du 17 mars 2008    :","url":"http://www.vmware.com/security/advisories/VMSA-2008-0005.shtml"}],"reference":"CERTA-2008-AVI-141","revisions":[{"description":"version initiale.","revision_date":"2008-03-18T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":null,"title":"Vuln\u00e9rabilit\u00e9s dans les produits VMware","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 VMware VMSA-2008-005 du 17 mars 2008","url":null}]}