{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Asterisk versions 1.8.X inf\u00e9rieures \u00e0 1.8.10.1 ;","product":{"name":"Asterisk","vendor":{"name":"Asterisk","scada":false}}},{"description":"Asterisk versions 1.4.X inf\u00e9rieures \u00e0 1.4.44 ;","product":{"name":"Asterisk","vendor":{"name":"Asterisk","scada":false}}},{"description":"Asterisk versions 10.X inf\u00e9rieures \u00e0 10.2.1.","product":{"name":"Asterisk","vendor":{"name":"Asterisk","scada":false}}},{"description":"Asterisk versions 1.6.2.X inf\u00e9rieures \u00e0 1.6.2.23 ;","product":{"name":"Asterisk","vendor":{"name":"Asterisk","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nLes versions 1.8.X et les versions 10.X sont vuln\u00e9rables \u00e0 de\nl'injection de code indirect \u00e0 distance, par un attaquant anonyme.  \nToutes les versions d\u00e9crites ci-dessus sont \u00e9galement affect\u00e9es par une\nvuln\u00e9rabilit\u00e9 permettant, dans certaines configurations d'Asterisk, de\nfermer inopin\u00e9ment l'application \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[],"links":[],"reference":"CERTA-2012-AVI-153","revisions":[{"description":"version initiale.","revision_date":"2012-03-19T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":"Deux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans <span\nclass=\"textit\">Asterisk</span>. L'une d'entre elles permet l'ex\u00e9cution\nde code arbitraire \u00e0 distance.\n","title":"Vuln\u00e9rabilit\u00e9s dans Asterisk","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Asterisk AST-2012-003 du 15 mars 2012","url":"http://downloads.asterisk.org/pub/security/AST-2012-003.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Asterisk AST-2012-002 du 14 mars 2012","url":"http://downloads.asterisk.org/pub/security/AST-2012-002.html"}]}