{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Oracle Sun Ray Operating Software versions ant\u00e9rieures \u00e0 11.1.7","product":{"name":"Virtualization","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle Virtual Desktop Infrastructure versions ant\u00e9rieures \u00e0 3.5.3","product":{"name":"Virtualization","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle Secure Global Desktop version 5.2","product":{"name":"Virtualization","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle VM VirtualBox versions 5.0.x ant\u00e9rieures \u00e0 5.0.28","product":{"name":"Virtualization","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle Secure Global Desktop version 4.7","product":{"name":"Virtualization","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle VM VirtualBox versions 5.1.x ant\u00e9rieures \u00e0 5.1.8","product":{"name":"Virtualization","vendor":{"name":"Oracle","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2016-5605","url":"https://www.cve.org/CVERecord?id=CVE-2016-5605"},{"name":"CVE-2016-5610","url":"https://www.cve.org/CVERecord?id=CVE-2016-5610"},{"name":"CVE-2016-0763","url":"https://www.cve.org/CVERecord?id=CVE-2016-0763"},{"name":"CVE-2016-6309","url":"https://www.cve.org/CVERecord?id=CVE-2016-6309"},{"name":"CVE-2016-2105","url":"https://www.cve.org/CVERecord?id=CVE-2016-2105"},{"name":"CVE-2016-2177","url":"https://www.cve.org/CVERecord?id=CVE-2016-2177"},{"name":"CVE-2015-5351","url":"https://www.cve.org/CVERecord?id=CVE-2015-5351"},{"name":"CVE-2016-0706","url":"https://www.cve.org/CVERecord?id=CVE-2016-0706"},{"name":"CVE-2016-5501","url":"https://www.cve.org/CVERecord?id=CVE-2016-5501"},{"name":"CVE-2016-6302","url":"https://www.cve.org/CVERecord?id=CVE-2016-6302"},{"name":"CVE-2015-7501","url":"https://www.cve.org/CVERecord?id=CVE-2015-7501"},{"name":"CVE-2016-6303","url":"https://www.cve.org/CVERecord?id=CVE-2016-6303"},{"name":"CVE-2016-0714","url":"https://www.cve.org/CVERecord?id=CVE-2016-0714"},{"name":"CVE-2016-2178","url":"https://www.cve.org/CVERecord?id=CVE-2016-2178"},{"name":"CVE-2015-7940","url":"https://www.cve.org/CVERecord?id=CVE-2015-7940"},{"name":"CVE-2016-5611","url":"https://www.cve.org/CVERecord?id=CVE-2016-5611"},{"name":"CVE-2016-6307","url":"https://www.cve.org/CVERecord?id=CVE-2016-6307"},{"name":"CVE-2016-2179","url":"https://www.cve.org/CVERecord?id=CVE-2016-2179"},{"name":"CVE-2016-5608","url":"https://www.cve.org/CVERecord?id=CVE-2016-5608"},{"name":"CVE-2016-5580","url":"https://www.cve.org/CVERecord?id=CVE-2016-5580"},{"name":"CVE-2016-5538","url":"https://www.cve.org/CVERecord?id=CVE-2016-5538"},{"name":"CVE-2016-6304","url":"https://www.cve.org/CVERecord?id=CVE-2016-6304"},{"name":"CVE-2016-2107","url":"https://www.cve.org/CVERecord?id=CVE-2016-2107"},{"name":"CVE-2016-2181","url":"https://www.cve.org/CVERecord?id=CVE-2016-2181"},{"name":"CVE-2016-2106","url":"https://www.cve.org/CVERecord?id=CVE-2016-2106"},{"name":"CVE-2016-6308","url":"https://www.cve.org/CVERecord?id=CVE-2016-6308"},{"name":"CVE-2016-6306","url":"https://www.cve.org/CVERecord?id=CVE-2016-6306"},{"name":"CVE-2016-7052","url":"https://www.cve.org/CVERecord?id=CVE-2016-7052"},{"name":"CVE-2016-2183","url":"https://www.cve.org/CVERecord?id=CVE-2016-2183"},{"name":"CVE-2016-5613","url":"https://www.cve.org/CVERecord?id=CVE-2016-5613"},{"name":"CVE-2016-6305","url":"https://www.cve.org/CVERecord?id=CVE-2016-6305"},{"name":"CVE-2016-2180","url":"https://www.cve.org/CVERecord?id=CVE-2016-2180"},{"name":"CVE-2016-2182","url":"https://www.cve.org/CVERecord?id=CVE-2016-2182"},{"name":"CVE-2016-2109","url":"https://www.cve.org/CVERecord?id=CVE-2016-2109"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Oracle cpuoct2016verbose-2881725 du 18    octobre 2016","url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2016verbose-2881725.html#OVIR"},{"title":"Bulletin de s\u00e9curit\u00e9 Oracle cpuoct2016-2881722 du 18    octobre 2016","url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"}],"reference":"CERTFR-2016-AVI-350","revisions":[{"description":"version initiale.","revision_date":"2016-10-19T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans <span\nclass=\"textit\">Oracle Linux and Virtualization</span>. Certaines d'entre\nelles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et un contournement\nde la politique de s\u00e9curit\u00e9.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Oracle Linux and Virtualization","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Oracle cpuoct2016verbose-2881725 du 18 octobre 2016","url":null},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Oracle cpuoct2016-2881722 du 18 octobre 2016","url":null}]}