{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Microsoft Windows XP Professional x64 Edition ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2003 x64 Edition Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2003 x64 Edition ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2003 Service Pack 1 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows XP Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows XP Professional x64 Edition Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2003 Service Pack 2 pour Itanium.","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2003 Service Pack 1 pour Itanium ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2003 Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows XP Service Pack 3 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nUne vuln\u00e9rabilit\u00e9 est pr\u00e9sente dans le pilote de fonction connexe ou\nAncillary Function Driver de Microsoft. Un manque de contr\u00f4le des\ndonn\u00e9es transmises du mode utilisateur au mode noyau permet \u00e0 un\nutilisateur local d'ex\u00e9cuter du code arbitraire avec des privil\u00e8ges tr\u00e8s\n\u00e9lev\u00e9s sur le syst\u00e8me.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2008-3464","url":"https://www.cve.org/CVERecord?id=CVE-2008-3464"}],"links":[],"reference":"CERTA-2008-AVI-507","revisions":[{"description":"version initiale.","revision_date":"2008-10-15T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9ctution de code arbitraire"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"Une vuln\u00e9rabilit\u00e9 dans le pilote de fonction connexe de Microsoft permet\n\u00e0 un utilisateur local malintentionn\u00e9 d'\u00e9lever ses privil\u00e8ges.\n","title":"Vuln\u00e9rabilit\u00e9 dans le pilote de fonction connexe de Microsoft","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Microsoft MS08-066 du 14 octobre 2008","url":"http://www.microsoft.com/technet/security/Bulletin/MS08-066.mspx"}]}