{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Windows Vista Service Pack 1 et Windows Vista Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows XP Professional x64 Edition Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2008 pour les syst\u00e8mes 32 bits, 64 bits ou Itanium, avec ou sans le Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Vista x64 Edition Service Pack 1 et Windows Vista x64 Edition Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 7 pour les syst\u00e8mes 32 bits et 64 bits ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows XP Service Pack 3 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2003 x64 Edition Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2003 SP2 pour les syst\u00e8mes Itanium ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2003 Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2008 R2 pour les syst\u00e8mes 64 bits ou Itanium.","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nUne vuln\u00e9rabilit\u00e9 affecte la gestion des pilotes en mode noyau. Elle est\ndue \u00e0 un d\u00e9faut de gestion d'index et permet \u00e0 une personne\nmalintentionn\u00e9e, possedant d\u00e9j\u00e0 un acc\u00e8s sur le syst\u00e8me, d'\u00e9lever ses\ndroits. Ce bulletin remplace le MS10-048 publi\u00e9 le 10 ao\u00fbt 2010.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2010-2744","url":"https://www.cve.org/CVERecord?id=CVE-2010-2744"},{"name":"CVE-2010-2549","url":"https://www.cve.org/CVERecord?id=CVE-2010-2549"},{"name":"CVE-2010-2743","url":"https://www.cve.org/CVERecord?id=CVE-2010-2743"}],"links":[],"reference":"CERTA-2010-AVI-483","revisions":[{"description":"version initiale.","revision_date":"2010-10-13T00:00:00.000000"}],"risks":[{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"Une vuln\u00e9rabilit\u00e9 affectant la gestion des pilotes en mode noyau permet\nune \u00e9l\u00e9vation de privil\u00e8ges. Ce bulletin remplace le MS10-048 du 10 ao\u00fbt\n2010.\n","title":"Vuln\u00e9rabilit\u00e9s dans les pilotes en mode noyau de Windows","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Microsoft MS10-073 du 12 octobre 2010","url":"http://www.microsoft.com/technet/security/Bulletin/MS10-073.mspx"}]}