{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Apache Web Server Suite versions ant\u00e9rieures \u00e0 v3.05 (HP-UX 11iv2 et 11iv3) ;","product":{"name":"N/A","vendor":{"name":"Apache","scada":false}}},{"description":"Apache Web Server Suite versions ant\u00e9rieures \u00e0 v2.25 (HP-UX 11iv1).","product":{"name":"N/A","vendor":{"name":"Apache","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s li\u00e9es au langage PHP, au serveur Web Apache\net aux moteurs de servlet bas\u00e9s sur celui de Tomcat permettent \u00e0 un\nindividu distant de r\u00e9aliser un d\u00e9ni de service ou d'ex\u00e9cuter du code\narbitraire. Ces vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9crites dans les avis pr\u00e9c\u00e9dents\ndu CERTA.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2008-5557","url":"https://www.cve.org/CVERecord?id=CVE-2008-5557"},{"name":"CVE-2008-5625","url":"https://www.cve.org/CVERecord?id=CVE-2008-5625"},{"name":"CVE-2008-0005","url":"https://www.cve.org/CVERecord?id=CVE-2008-0005"},{"name":"CVE-2008-3660","url":"https://www.cve.org/CVERecord?id=CVE-2008-3660"},{"name":"CVE-2008-2168","url":"https://www.cve.org/CVERecord?id=CVE-2008-2168"},{"name":"CVE-2008-2371","url":"https://www.cve.org/CVERecord?id=CVE-2008-2371"},{"name":"CVE-2008-3959","url":"https://www.cve.org/CVERecord?id=CVE-2008-3959"},{"name":"CVE-2008-5498","url":"https://www.cve.org/CVERecord?id=CVE-2008-5498"},{"name":"CVE-2008-2829","url":"https://www.cve.org/CVERecord?id=CVE-2008-2829"},{"name":"CVE-2008-0599","url":"https://www.cve.org/CVERecord?id=CVE-2008-0599"},{"name":"CVE-2008-2665","url":"https://www.cve.org/CVERecord?id=CVE-2008-2665"},{"name":"CVE-2008-2666","url":"https://www.cve.org/CVERecord?id=CVE-2008-2666"},{"name":"CVE-2008-5624","url":"https://www.cve.org/CVERecord?id=CVE-2008-5624"},{"name":"CVE-2008-5658","url":"https://www.cve.org/CVERecord?id=CVE-2008-5658"},{"name":"CVE-2007-4465","url":"https://www.cve.org/CVERecord?id=CVE-2007-4465"}],"links":[{"title":"Avis CERTA-2008-AVI-417 du 08 ao\u00fbt 2008 :","url":"http://www.certa.ssi.gouv.fr/site/CERTA-2008-AVI-417"},{"title":"Avis CERTA-2008-AVI-225 du 02 mai 2008 :","url":"http://www.certa.ssi.gouv.fr/site/CERTA-2008-AVI-225"},{"title":"Avis CERTA-2008-AVI-011 du 09 janvier 2008 :","url":"http://www.certa.ssi.gouv.fr/site/CERTA-2008-AVI-011"},{"title":"Avis CERTA-2009-AVI-083 du 03 mars 2009 :","url":"http://www.certa.ssi.gouv.fr/site/CERTA-2009-AVI-083"},{"title":"Avis CERTA-2007-AVI-339 du 08 novembre 2007 :","url":"http://www.certa.ssi.gouv.fr/site/CERTA-2007-AVI-339"}],"reference":"CERTA-2009-AVI-257","revisions":[{"description":"version initiale.","revision_date":"2009-06-30T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":"Plusieurs vuln\u00e9rabilit\u00e9s de <span class=\"textit\">HP-UX Apache Web Server\nSuite</span> permettent de r\u00e9aliser un d\u00e9ni de service \u00e0 distance et\nd'ex\u00e9cuter du code arbitraire \u00e0 distance.\n","title":"Multiples vuln\u00e9rabilit\u00e9 de HP-UX Apache Web Server Suite","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 HP c01756421 du 29 juin 2009","url":"http://itrc.hp.com/service/cki/docDisplay.do?docId=c01756421"}]}