{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Microsoft Report Viewer 2005 Service Pack 1 Redistribuable Package.","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2005 Service Pack 1 ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nUne vuln\u00e9rabilit\u00e9 de type injection de code indirecte \u00e0 distance (XSS)\ndans Microsoft Report Viewer peut \u00eatre exploit\u00e9e par un attaquant pour\nacc\u00e9der \u00e0 des informations confidentielles. L'utilisateur doit d'abord\n\u00eatre incit\u00e9 \u00e0 visiter un site sp\u00e9cialement con\u00e7u.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2011-1976","url":"https://www.cve.org/CVERecord?id=CVE-2011-1976"}],"links":[],"reference":"CERTA-2011-AVI-443","revisions":[{"description":"version initiale.","revision_date":"2011-08-10T00:00:00.000000"}],"risks":[{"description":"Injection de code indirecte \u00e0 distance"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"Une vuln\u00e9rabilit\u00e9 dans Microsoft Report Viewer permet \u00e0 un attaquant\nd'acc\u00e9der \u00e0 des informations confidentielles.\n","title":"Vuln\u00e9rabilit\u00e9 dans Microsoft Report Viewer","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Microsoft MS11-067 du 09 ao\u00fbt 2011","url":"http://www.microsoft.com/technet/security/Bulletin/MS11-067.mspx"}]}