{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"SQLJ version 11.1.0.7","product":{"name":"Database Server","vendor":{"name":"Oracle","scada":false}}},{"description":"SQLJ version 12.1.0.2","product":{"name":"Database Server","vendor":{"name":"Oracle","scada":false}}},{"description":"Advanced Networking Option version 11.2.0.4","product":{"name":"Database Server","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle Database version 11.2.0.3","product":{"name":"Database Server","vendor":{"name":"Oracle","scada":false}}},{"description":"SQLJ version 11.2.0.4","product":{"name":"Database Server","vendor":{"name":"Oracle","scada":false}}},{"description":"JDBC version 11.1.0.7","product":{"name":"Database Server","vendor":{"name":"Oracle","scada":false}}},{"description":"Advanced Networking Option version 12.1.0.1","product":{"name":"Database Server","vendor":{"name":"Oracle","scada":false}}},{"description":"Advanced Networking Option version 11.2.0.3","product":{"name":"Database Server","vendor":{"name":"Oracle","scada":false}}},{"description":"JDBC version 12.1.0.1","product":{"name":"Database Server","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle Database version 11.2.0.4","product":{"name":"Database Server","vendor":{"name":"Oracle","scada":false}}},{"description":"JDBC version 11.2.0.3","product":{"name":"Database Server","vendor":{"name":"Oracle","scada":false}}},{"description":"JDBC version 12.1.0.2","product":{"name":"Database Server","vendor":{"name":"Oracle","scada":false}}},{"description":"Application Express toute version ant\u00e9rieure \u00e0 4.2.6","product":{"name":"Database Server","vendor":{"name":"Oracle","scada":false}}},{"description":"SQLJ version 11.2.0.3","product":{"name":"Database Server","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle Database version 12.1.0.2","product":{"name":"Database Server","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle Database version 11.1.0.7","product":{"name":"Database Server","vendor":{"name":"Oracle","scada":false}}},{"description":"SQLJ version 12.1.0.1","product":{"name":"Database Server","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle Database version 12.1.0.1","product":{"name":"Database Server","vendor":{"name":"Oracle","scada":false}}},{"description":"JDBC version 11.2.0.4","product":{"name":"Database Server","vendor":{"name":"Oracle","scada":false}}},{"description":"Advanced Networking Option version 11.1.0.7","product":{"name":"Database Server","vendor":{"name":"Oracle","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2014-6547","url":"https://www.cve.org/CVERecord?id=CVE-2014-6547"},{"name":"CVE-2014-4293","url":"https://www.cve.org/CVERecord?id=CVE-2014-4293"},{"name":"CVE-2014-6452","url":"https://www.cve.org/CVERecord?id=CVE-2014-6452"},{"name":"CVE-2014-4292","url":"https://www.cve.org/CVERecord?id=CVE-2014-4292"},{"name":"CVE-2014-4296","url":"https://www.cve.org/CVERecord?id=CVE-2014-4296"},{"name":"CVE-2014-6538","url":"https://www.cve.org/CVERecord?id=CVE-2014-6538"},{"name":"CVE-2014-4290","url":"https://www.cve.org/CVERecord?id=CVE-2014-4290"},{"name":"CVE-2014-4298","url":"https://www.cve.org/CVERecord?id=CVE-2014-4298"},{"name":"CVE-2014-4291","url":"https://www.cve.org/CVERecord?id=CVE-2014-4291"},{"name":"CVE-2014-4299","url":"https://www.cve.org/CVERecord?id=CVE-2014-4299"},{"name":"CVE-2014-6467","url":"https://www.cve.org/CVERecord?id=CVE-2014-6467"},{"name":"CVE-2014-6454","url":"https://www.cve.org/CVERecord?id=CVE-2014-6454"},{"name":"CVE-2014-6455","url":"https://www.cve.org/CVERecord?id=CVE-2014-6455"},{"name":"CVE-2014-6545","url":"https://www.cve.org/CVERecord?id=CVE-2014-6545"},{"name":"CVE-2014-6544","url":"https://www.cve.org/CVERecord?id=CVE-2014-6544"},{"name":"CVE-2014-6537","url":"https://www.cve.org/CVERecord?id=CVE-2014-6537"},{"name":"CVE-2014-4289","url":"https://www.cve.org/CVERecord?id=CVE-2014-4289"},{"name":"CVE-2014-4300","url":"https://www.cve.org/CVERecord?id=CVE-2014-4300"},{"name":"CVE-2014-6483","url":"https://www.cve.org/CVERecord?id=CVE-2014-6483"},{"name":"CVE-2014-6560","url":"https://www.cve.org/CVERecord?id=CVE-2014-6560"},{"name":"CVE-2014-6546","url":"https://www.cve.org/CVERecord?id=CVE-2014-6546"},{"name":"CVE-2014-6453","url":"https://www.cve.org/CVERecord?id=CVE-2014-6453"},{"name":"CVE-2014-4294","url":"https://www.cve.org/CVERecord?id=CVE-2014-4294"},{"name":"CVE-2014-4295","url":"https://www.cve.org/CVERecord?id=CVE-2014-4295"},{"name":"CVE-2014-4297","url":"https://www.cve.org/CVERecord?id=CVE-2014-4297"},{"name":"CVE-2014-2478","url":"https://www.cve.org/CVERecord?id=CVE-2014-2478"},{"name":"CVE-2014-4301","url":"https://www.cve.org/CVERecord?id=CVE-2014-4301"},{"name":"CVE-2014-6542","url":"https://www.cve.org/CVERecord?id=CVE-2014-6542"},{"name":"CVE-2014-4310","url":"https://www.cve.org/CVERecord?id=CVE-2014-4310"},{"name":"CVE-2014-6563","url":"https://www.cve.org/CVERecord?id=CVE-2014-6563"}],"links":[],"reference":"CERTFR-2014-AVI-428","revisions":[{"description":"version initiale.","revision_date":"2014-10-15T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"},{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"D\u00e9ni de service"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans <span\nclass=\"textit\">Oracle Database Server</span>. Certaines d'entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et un contournement de la\npolitique de s\u00e9curit\u00e9.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Oracle Database Server","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Oracle CPUOct2014 du 14 octobre 2014","url":"http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"}]}