{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Sun Solaris 10.","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Sun Solaris 9 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s non document\u00e9es du serveur Tomcat de Sun\nSolaris permettent \u00e0 une personne malveillante d'effectuer un d\u00e9ni de\nservice \u00e0 distance, un courtournement de la politique de s\u00e9curit\u00e9, une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es ou une injection de code\nindirecte.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2007-2450","url":"https://www.cve.org/CVERecord?id=CVE-2007-2450"},{"name":"CVE-2007-0450","url":"https://www.cve.org/CVERecord?id=CVE-2007-0450"},{"name":"CVE-2007-1358","url":"https://www.cve.org/CVERecord?id=CVE-2007-1358"},{"name":"CVE-2007-5461","url":"https://www.cve.org/CVERecord?id=CVE-2007-5461"},{"name":"CVE-2005-2090","url":"https://www.cve.org/CVERecord?id=CVE-2005-2090"},{"name":"CVE-2002-2006","url":"https://www.cve.org/CVERecord?id=CVE-2002-2006"},{"name":"CVE-2002-1394","url":"https://www.cve.org/CVERecord?id=CVE-2002-1394"},{"name":"CVE-2005-3164","url":"https://www.cve.org/CVERecord?id=CVE-2005-3164"},{"name":"CVE-2002-1148","url":"https://www.cve.org/CVERecord?id=CVE-2002-1148"},{"name":"CVE-2005-3510","url":"https://www.cve.org/CVERecord?id=CVE-2005-3510"},{"name":"CVE-2006-3835","url":"https://www.cve.org/CVERecord?id=CVE-2006-3835"},{"name":"CVE-2003-0866","url":"https://www.cve.org/CVERecord?id=CVE-2003-0866"},{"name":"CVE-2007-1355","url":"https://www.cve.org/CVERecord?id=CVE-2007-1355"}],"links":[],"reference":"CERTA-2008-AVI-349","revisions":[{"description":"version initiale.","revision_date":"2008-07-04T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"Plusieurs vuln\u00e9rabilit\u00e9s de Sun Solaris\npermettent \u00e0 une personne malintentionn\u00e9e d'effectuer, entre autres, un\nd\u00e9ni de service \u00e0 distance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Sun Solaris","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Sun Solaris #239312 du 30 juin 2008","url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-239312-1"}]}