{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Active Directory Lightweight Directory Service (AD LDS), Windows Vista Service pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"AD LDS, Windows 7 pour syst\u00e8mes 32 bits ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"ADAM, Windows XP \u00c9dition Professionnelle x64 Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Active Directory et AD LDS, Windows Server 2008 32 bits et Windows Server 2008 32 bits Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"AD LDS, Windows Vista \u00c9dition x64 Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"AD LDS, Windows 7 pour syst\u00e8mes x64 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Active Directory, Windows Server 2003 avec Service Pack 2 pour syst\u00e8mes Itanium ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Active Directory et ADAM, Windows Server 2003 Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Active Directory et ADAM, Windows Server 2003 \u00c9dition x64 Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Active Directory et AD LDS, Windows Server 2008 syst\u00e8me x64 et Windows Server 2008 x64 Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Active Directory en mode application (ADAM), Windows XP Service Pack 3 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Active Directory et AD LDS, Windows Server 2008 R2 pour syst\u00e8mes x64 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nUne erreur dans le traitement des messages LDAP (Lightweight Directory\nAccess protocol) par LSASS (Local Security Authority Subsystem Service),\npermet \u00e0 un attaquant, authentifi\u00e9 aupr\u00e8s du serveur LSASS, qui\nexploiterait cette vuln\u00e9rabilit\u00e9, d'\u00e9lever son niveau de privil\u00e8ges et\nd'ex\u00e9cuter du code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2010-0820","url":"https://www.cve.org/CVERecord?id=CVE-2010-0820"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft MS10-068 du 14 septembre    2010 :","url":"http://www.microsoft.com/france/technet/security/Bulletin/MS10-068.mspx"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft MS10-068 du 14 septembre    2010 :","url":"http://www.microsoft.com/technet/security/Bulletin/MS10-068.mspx"}],"reference":"CERTA-2010-AVI-437","revisions":[{"description":"version initiale.","revision_date":"2010-09-15T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"Une vuln\u00e9rabilit\u00e9 dans <span class=\"textit\">Microsoft Active\nDirectory</span> permet \u00e0 un attaquant d'ex\u00e9cuter du code arbitraire \u00e0\ndistance avec des privil\u00e8ges \u00e9lev\u00e9s.\n","title":"Vuln\u00e9rabilit\u00e9 dans Microsoft Active Directory","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Microsoft MS10-068 du 14 septembre 2010","url":null}]}