{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Microsoft Visio 2002 ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Vista ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio .NET 2003 ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2008 ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Office Project 2002 ;","product":{"name":"Office","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Report Viewer 2005 ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2003 Enterprise Edition ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows XP Home Edition ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2003 Web Edition ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Report Viewer 2008 ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows XP Professional ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Platform SDK Redistributable: GDI+ ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Word Viewer 2003 ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Office Excel Viewer 2003 ;","product":{"name":"Office","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Office XP ;","product":{"name":"Office","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft .NET Framework 2.x ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2005 Express Edition ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats ;","product":{"name":"Office","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Works 8.x ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"SQL Server 2000 Reporting Services.","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2003 Datacenter Edition ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Office Groove 2007 ;","product":{"name":"Office","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2005 Compact Edition 3.x ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2005 ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Office 2003 Standard Edition ;","product":{"name":"Office","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2008 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual FoxPro 9.x ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Office 2003 Professional Edition ;","product":{"name":"Office","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Office 2003 Small Business Edition ;","product":{"name":"Office","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Office Word Viewer ;","product":{"name":"Office","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Storage Server 2003 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Expression Web 2.x ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual FoxPro 8.x ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Office 2007 ;","product":{"name":"Office","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Office 2003 Student and Teacher Edition ;","product":{"name":"Office","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Forefront Client Security 1.x ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2005 ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Office PowerPoint Viewer 2007 ;","product":{"name":"Office","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Internet Explorer 6.x ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Expression Web 1.x ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Server 2003 Standard Edition ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nHuit vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Microsoft\nutilisant GDI+. L'exploitation de ces vuln\u00e9rabilit\u00e9s est possible en\nraison de plusieurs erreurs (d\u00e9passements d'entier, erreurs aux limites,\netc.) et permettent l'ex\u00e9cution de code arbitraire via des fichiers\nsp\u00e9cialement construits.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2009-2528","url":"https://www.cve.org/CVERecord?id=CVE-2009-2528"},{"name":"CVE-2009-2502","url":"https://www.cve.org/CVERecord?id=CVE-2009-2502"},{"name":"CVE-2009-2500","url":"https://www.cve.org/CVERecord?id=CVE-2009-2500"},{"name":"CVE-2009-2501","url":"https://www.cve.org/CVERecord?id=CVE-2009-2501"},{"name":"CVE-2009-2503","url":"https://www.cve.org/CVERecord?id=CVE-2009-2503"},{"name":"CVE-2009-3126","url":"https://www.cve.org/CVERecord?id=CVE-2009-3126"},{"name":"CVE-2009-2504","url":"https://www.cve.org/CVERecord?id=CVE-2009-2504"},{"name":"CVE-2009-2518","url":"https://www.cve.org/CVERecord?id=CVE-2009-2518"}],"links":[],"reference":"CERTA-2009-AVI-442","revisions":[{"description":"version initiale.","revision_date":"2009-10-14T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nMicrosoft utilisant GDI+. L'exploitation de ces vuln\u00e9rabilit\u00e9s permet\nd'ex\u00e9cuter du code arbitraire \u00e0 distance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s des produits Microsoft utilisant GDI+","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Microsoft MS09-062 du 13 octobre 2009","url":"http://www.microsoft.com/technet/security/Bulletin/MS09-062.mspx"}]}