{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Microsoft Office 2007 Service Pack 2 ;","product":{"name":"Office","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Office 2010 (sans Service Pack) ;","product":{"name":"Office","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Vista Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows 2008 Serveur R2.","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Office 2010 Service Pack 1 ;","product":{"name":"Office","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Silverlight 5 ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Office 2003 Service Pack 3 ;","product":{"name":"Office","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows 2003 Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows XP SP3 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows 7 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows Professionnel x64 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Windows 2008 Serveur Service Pack 2 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Silverlight 4 ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2012-1848","url":"https://www.cve.org/CVERecord?id=CVE-2012-1848"},{"name":"CVE-2012-0167","url":"https://www.cve.org/CVERecord?id=CVE-2012-0167"},{"name":"CVE-2012-0181","url":"https://www.cve.org/CVERecord?id=CVE-2012-0181"},{"name":"CVE-2012-0162","url":"https://www.cve.org/CVERecord?id=CVE-2012-0162"},{"name":"CVE-2012-0180","url":"https://www.cve.org/CVERecord?id=CVE-2012-0180"},{"name":"CVE-2012-0164","url":"https://www.cve.org/CVERecord?id=CVE-2012-0164"},{"name":"CVE-2012-0176","url":"https://www.cve.org/CVERecord?id=CVE-2012-0176"},{"name":"CVE-2012-0159","url":"https://www.cve.org/CVERecord?id=CVE-2012-0159"},{"name":"CVE-2012-0165","url":"https://www.cve.org/CVERecord?id=CVE-2012-0165"},{"name":"CVE-2011-3402","url":"https://www.cve.org/CVERecord?id=CVE-2011-3402"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft MS12-034 du 08 mai 2012 :","url":"http://technet.microsoft.com/fr-fr/security/bulletin/MS12-034"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft MS12-034 du 08 mai 2012 :","url":"http://technet.microsoft.com/en-us/security/bulletin/MS12-034"}],"reference":"CERTA-2012-AVI-259","revisions":[{"description":"version initiale.","revision_date":"2012-05-09T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"Dix vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans <span class=\"textit\">Microsoft\nOffice, Windows, .NET</span> et <span class=\"textit\">Silverlight</span>.\nElles concernent :\n\n-   deux failles dans la gestion des \u00ab TrueType Font \u00bb pouvant mener \u00e0\n    une ex\u00e9cution de code arbitraire \u00e0 distance ;\n-   deux failles dans .NET, une affecte l'allocation de tampons, la\n    deuxi\u00e8me les comparaisons des index. L'une peut causer une ex\u00e9cution\n    de code arbitraire \u00e0 distance et l'autre un d\u00e9ni de service ;\n-   deux failles dans le composant GDI+, une affecte l'enregistrement du\n    type dans les images EMF, la deuxi\u00e8me est un d\u00e9bordement de tampon\n    dans le tas, les deux vuln\u00e9rabilit\u00e9s peuvent mener \u00e0 une ex\u00e9cution\n    de code arbitraire \u00e0 distance ;\n-   une faille de type \u00ab double lib\u00e9ration \u00bb dans Silverlight pouvant\n    mener \u00e0 une ex\u00e9cution de code arbitraire \u00e0 distance ;\n-   une faille dans la gestion des messages en mode noyau pouvant mener\n    \u00e0 une \u00e9l\u00e9vation de privil\u00e8ges ;\n-   une faille dans la configuration de clavier pouvant mener \u00e0 une\n    \u00e9l\u00e9vation de privil\u00e8ges ;\n-   une faille dans le calcul de la barre de navigation pouvant mener \u00e0\n    une \u00e9l\u00e9vation de privil\u00e8ges.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Office, Windows, .NET et Silverlight","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 MS12-034 du 08 mai 2012","url":null}]}