{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Microsoft Windows Server 2008 (syst\u00e8mes 32-bit et x64, y compris pour syst\u00e8mes Itanium).","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2003 x64 Edition Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2003 x64 Edition ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft XP Professional x64 Edition Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2003 Service Pack 1 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows XP Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft XP Professional x64 Edition ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Vista Service Pack 1 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2003 SP1 et SP2 pour syst\u00e8mes Itanium ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2003 Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows XP Service Pack 3 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Vista ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows 2000 Service Pack 4 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans le gestionnaire de m\u00e9moire\nWindows, et en particulier dans la gestion des descripteurs d'adresses\nvirtuelles (VAD) utilis\u00e9s pour repr\u00e9senter l'espace d'adressage m\u00e9moire\nd'un processus.\n\nCette vuln\u00e9rabilit\u00e9 peut \u00eatre exploit\u00e9e par une personne locale afin\nd'\u00e9lever ses privil\u00e8ges \u00e0 ceux d'administrateur du syst\u00e8me.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 MS08-064 de Microsoft pour\nl'obtention des correctifs (cf. section Documentation).\n","cves":[{"name":"CVE-2008-4036","url":"https://www.cve.org/CVERecord?id=CVE-2008-4036"}],"links":[],"reference":"CERTA-2008-AVI-505","revisions":[{"description":"version initiale.","revision_date":"2008-10-15T00:00:00.000000"}],"risks":[{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans le gestionnaire de m\u00e9moire\nWindows, et en particulier dans la gestion des descripteurs d'adresses\nvirtuelles (VAD). Cette vuln\u00e9rabilit\u00e9 peut \u00eatre exploit\u00e9e par une\npersonne locale afin d'\u00e9lever ses privil\u00e8ges.\n","title":"Vuln\u00e9rabilit\u00e9 dans la manipulation m\u00e9moire Windows","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Microsoft MS08-064 du 14 octobre 2008","url":"http://www.microsoft.com/technet/security/Bulletin/MS08-064.mspx"}]}