{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Windows Vista SP1 et SP2 (32bits et 64bits) ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2008 R2 (Itanium).","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2008 SP2 (32bits et 64 bits) ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows XP SP3 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2003 SP2 (32 bits et 64 bits) ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2003 SP2 (Itanium) ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 7 (32bits et 64 bits) ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2008 R2 (64bits) ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2008 SP2 (Itanium) ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2008 (Itanium) ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2008 (32bits et 64 bits) ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows XP Pro SP2 64bits ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans le pilote Compact Font Format\n(CFF) OpenType. Elle permet \u00e0 un utilisateur malintentionn\u00e9 d'\u00e9lever ses\nprivil\u00e8ges (Windows XP et Server 2003) ou d'ex\u00e9cuter du code arbitraire\n\u00e0 distance (autres versions de Windows) au moyen d'une police CFF\nsp\u00e9cialement con\u00e7ue et en incitant sa visualisation par un utilisateur.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2011-0033","url":"https://www.cve.org/CVERecord?id=CVE-2011-0033"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft MS11-007 du 08 f\u00e9vrier 2011    :","url":"http://www.microsoft.com/technet/security/Bulletin/MS11-007.mspx"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft MS11-007 du 08 f\u00e9vrier 2011    :","url":"http://www.microsoft.com/france/technet/security/Bulletin/MS11-007.mspx"}],"reference":"CERTA-2011-AVI-062","revisions":[{"description":"version initiale.","revision_date":"2011-02-09T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans le pilote Compact Font Format\n(CFF) OpenType. Elle permet \u00e0 un utilisateur malintentionn\u00e9 d'\u00e9lever ses\nprivil\u00e8ges ou d'ex\u00e9cuter du code arbitraire \u00e0 distance.\n","title":"Vuln\u00e9rabilit\u00e9 dans le pilote Compact Font Format (CFF) OpenType","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Microsoft MS11-007 du 08 F\u00e9vrier 2011","url":null}]}