{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"MySQL Server \u00e0 partir de la version 5.6.20","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"MySQL Server \u00e0 partir de la version 5.6.19","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"MySQL Server \u00e0 partir de la version 5.5.38","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"MySQL Server \u00e0 partir de la version 5.5.39","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2014-6530","url":"https://www.cve.org/CVERecord?id=CVE-2014-6530"},{"name":"CVE-2014-6564","url":"https://www.cve.org/CVERecord?id=CVE-2014-6564"},{"name":"CVE-2014-6489","url":"https://www.cve.org/CVERecord?id=CVE-2014-6489"},{"name":"CVE-2014-6491","url":"https://www.cve.org/CVERecord?id=CVE-2014-6491"},{"name":"CVE-2014-6474","url":"https://www.cve.org/CVERecord?id=CVE-2014-6474"},{"name":"CVE-2014-4287","url":"https://www.cve.org/CVERecord?id=CVE-2014-4287"},{"name":"CVE-2014-6464","url":"https://www.cve.org/CVERecord?id=CVE-2014-6464"},{"name":"CVE-2014-6484","url":"https://www.cve.org/CVERecord?id=CVE-2014-6484"},{"name":"CVE-2014-6555","url":"https://www.cve.org/CVERecord?id=CVE-2014-6555"},{"name":"CVE-2014-6551","url":"https://www.cve.org/CVERecord?id=CVE-2014-6551"},{"name":"CVE-2014-6520","url":"https://www.cve.org/CVERecord?id=CVE-2014-6520"},{"name":"CVE-2014-6500","url":"https://www.cve.org/CVERecord?id=CVE-2014-6500"},{"name":"CVE-2014-6495","url":"https://www.cve.org/CVERecord?id=CVE-2014-6495"},{"name":"CVE-2014-6494","url":"https://www.cve.org/CVERecord?id=CVE-2014-6494"},{"name":"CVE-2012-5615","url":"https://www.cve.org/CVERecord?id=CVE-2012-5615"},{"name":"CVE-2014-6478","url":"https://www.cve.org/CVERecord?id=CVE-2014-6478"},{"name":"CVE-2014-6559","url":"https://www.cve.org/CVERecord?id=CVE-2014-6559"},{"name":"CVE-2014-6507","url":"https://www.cve.org/CVERecord?id=CVE-2014-6507"},{"name":"CVE-2014-6496","url":"https://www.cve.org/CVERecord?id=CVE-2014-6496"},{"name":"CVE-2014-6463","url":"https://www.cve.org/CVERecord?id=CVE-2014-6463"},{"name":"CVE-2014-6469","url":"https://www.cve.org/CVERecord?id=CVE-2014-6469"},{"name":"CVE-2014-4274","url":"https://www.cve.org/CVERecord?id=CVE-2014-4274"},{"name":"CVE-2014-6505","url":"https://www.cve.org/CVERecord?id=CVE-2014-6505"}],"links":[],"reference":"CERTFR-2014-AVI-427","revisions":[{"description":"version initiale.","revision_date":"2014-10-15T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"},{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"D\u00e9ni de service"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans <span\nclass=\"textit\">Oracle MySQL</span>. Certaines d'entre elles permettent \u00e0\nun attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance,\nun d\u00e9ni de service \u00e0 distance et un contournement de la politique de\ns\u00e9curit\u00e9.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Oracle MySQL","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Oracle CPUOct2014 du 14 octobre 2014","url":"http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"}]}