cvelistv5 - cve-2012-4244

CVE-2012-4244 (GCVE-0-2012-4244)

Vulnerability from cvelistv5

Published

2012-09-14 00:00

Modified

2024-08-06 20:28

Severity ?

CWE

Summary

ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record.

References

URL

Tags

	http://www.debian.org/security/2012/dsa-2547	vendor-advisory
	http://www.ubuntu.com/usn/USN-1566-1	vendor-advisory
	http://marc.info/?l=bugtraq&m=141879471518471&w=2	vendor-advisory
	http://marc.info/?l=bugtraq&m=141879471518471&w=2	vendor-advisory
	http://secunia.com/advisories/51096	third-party-advisory
	http://secunia.com/advisories/50582	third-party-advisory
	http://rhn.redhat.com/errata/RHSA-2012-1365.html	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2012-1266.html	vendor-advisory
	http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00021.html	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2012-1267.html	vendor-advisory
	http://www.securityfocus.com/bid/55522	vdb-entry
	http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087703.html	vendor-advisory
	http://www.mandriva.com/security/advisories?name=MDVSA-2012:152	vendor-advisory
	http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087697.html	vendor-advisory
	http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00022.html	vendor-advisory
	http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html	vendor-advisory
	http://secunia.com/advisories/50579	third-party-advisory
	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488
	http://secunia.com/advisories/50645	third-party-advisory
	http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00007.html	vendor-advisory
	https://kb.isc.org/article/AA-00778
	http://support.apple.com/kb/HT5880
	http://rhn.redhat.com/errata/RHSA-2012-1268.html	vendor-advisory
	http://secunia.com/advisories/50560	third-party-advisory
	http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088381.html	vendor-advisory
	http://secunia.com/advisories/50673	third-party-advisory
	https://security.netapp.com/advisory/ntap-20221209-0008/

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T20:28:07.596Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-2547",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2547"
          },
          {
            "name": "USN-1566-1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1566-1"
          },
          {
            "name": "HPSBOV03226",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141879471518471\u0026w=2"
          },
          {
            "name": "SSRT101004",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141879471518471\u0026w=2"
          },
          {
            "name": "51096",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51096"
          },
          {
            "name": "50582",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/50582"
          },
          {
            "name": "RHSA-2012:1365",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1365.html"
          },
          {
            "name": "RHSA-2012:1266",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1266.html"
          },
          {
            "name": "openSUSE-SU-2012:1192",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00021.html"
          },
          {
            "name": "RHSA-2012:1267",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1267.html"
          },
          {
            "name": "55522",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/55522"
          },
          {
            "name": "FEDORA-2012-13922",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087703.html"
          },
          {
            "name": "MDVSA-2012:152",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:152"
          },
          {
            "name": "FEDORA-2012-14106",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087697.html"
          },
          {
            "name": "SUSE-SU-2012:1199",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00022.html"
          },
          {
            "name": "APPLE-SA-2013-09-12-1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
          },
          {
            "name": "50579",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/50579"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488"
          },
          {
            "name": "50645",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/50645"
          },
          {
            "name": "SUSE-SU-2012:1333",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00007.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kb.isc.org/article/AA-00778"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5880"
          },
          {
            "name": "RHSA-2012:1268",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1268.html"
          },
          {
            "name": "50560",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/50560"
          },
          {
            "name": "FEDORA-2012-14030",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088381.html"
          },
          {
            "name": "50673",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/50673"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20221209-0008/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-09-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-12-09T00:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-2547",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2547"
        },
        {
          "name": "USN-1566-1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1566-1"
        },
        {
          "name": "HPSBOV03226",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141879471518471\u0026w=2"
        },
        {
          "name": "SSRT101004",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141879471518471\u0026w=2"
        },
        {
          "name": "51096",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/51096"
        },
        {
          "name": "50582",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/50582"
        },
        {
          "name": "RHSA-2012:1365",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1365.html"
        },
        {
          "name": "RHSA-2012:1266",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1266.html"
        },
        {
          "name": "openSUSE-SU-2012:1192",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00021.html"
        },
        {
          "name": "RHSA-2012:1267",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1267.html"
        },
        {
          "name": "55522",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securityfocus.com/bid/55522"
        },
        {
          "name": "FEDORA-2012-13922",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087703.html"
        },
        {
          "name": "MDVSA-2012:152",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:152"
        },
        {
          "name": "FEDORA-2012-14106",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087697.html"
        },
        {
          "name": "SUSE-SU-2012:1199",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00022.html"
        },
        {
          "name": "APPLE-SA-2013-09-12-1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
        },
        {
          "name": "50579",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/50579"
        },
        {
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488"
        },
        {
          "name": "50645",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/50645"
        },
        {
          "name": "SUSE-SU-2012:1333",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00007.html"
        },
        {
          "url": "https://kb.isc.org/article/AA-00778"
        },
        {
          "url": "http://support.apple.com/kb/HT5880"
        },
        {
          "name": "RHSA-2012:1268",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1268.html"
        },
        {
          "name": "50560",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/50560"
        },
        {
          "name": "FEDORA-2012-14030",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088381.html"
        },
        {
          "name": "50673",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/50673"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20221209-0008/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2012-4244",
    "datePublished": "2012-09-14T00:00:00.000Z",
    "dateReserved": "2012-08-10T00:00:00.000Z",
    "dateUpdated": "2024-08-06T20:28:07.596Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2014-AVI-008

Vulnerability from certfr_avis

De multiples vulnérabilités ont été corrigées dans Avaya Experience Portal. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un déni de service.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Avaya Experience Portal versions antérieures à 7.0

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Avaya ASA-2012-482 du 08 janvier 2014	None	vendor-advisory
Bulletin de sécurité Avaya ASA-2013-041 du 08 janvier 2014	None	vendor-advisory
Bulletin de sécurité Avaya ASA-2012-479 du 08 janvier 2014	None	vendor-advisory
Bulletin de sécurité Avaya ASA-2012-448 du 08 janvier 2014	None	vendor-advisory
Bulletin de sécurité Avaya ASA-2012-371 du 08 janvier 2014	None	vendor-advisory
Bulletin de sécurité Avaya ASA-2012-444 du 08 janvier 2014	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eAvaya Experience Portal versions ant\u00e9rieures \u00e0 7.0\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-4244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4244"
    },
    {
      "name": "CVE-2012-3511",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3511"
    },
    {
      "name": "CVE-2012-4405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4405"
    },
    {
      "name": "CVE-2011-3970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3970"
    },
    {
      "name": "CVE-2012-3400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3400"
    },
    {
      "name": "CVE-2012-2871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2871"
    },
    {
      "name": "CVE-2012-2870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2870"
    },
    {
      "name": "CVE-2012-2133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2133"
    },
    {
      "name": "CVE-2012-3488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3488"
    },
    {
      "name": "CVE-2012-1568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1568"
    },
    {
      "name": "CVE-2012-2893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2893"
    },
    {
      "name": "CVE-2012-3546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3546"
    },
    {
      "name": "CVE-2012-3489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3489"
    },
    {
      "name": "CVE-2011-1202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1202"
    },
    {
      "name": "CVE-2012-2825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2825"
    }
  ],
  "initial_release_date": "2014-01-10T00:00:00",
  "last_revision_date": "2014-01-10T00:00:00",
  "links": [],
  "reference": "CERTA-2014-AVI-008",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-01-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eAvaya Experience Portal\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et un d\u00e9ni de service.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Avaya Experience Portal",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Avaya ASA-2012-482 du 08 janvier 2014",
      "url": "https://downloads.avaya.com/css/P8/documents/100167760"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Avaya ASA-2013-041 du 08 janvier 2014",
      "url": "https://downloads.avaya.com/css/P8/documents/100169684"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Avaya ASA-2012-479 du 08 janvier 2014",
      "url": "https://downloads.avaya.com/css/P8/documents/100167733"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Avaya ASA-2012-448 du 08 janvier 2014",
      "url": "https://downloads.avaya.com/css/P8/documents/100167395"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Avaya ASA-2012-371 du 08 janvier 2014",
      "url": "https://downloads.avaya.com/css/P8/documents/100166061"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Avaya ASA-2012-444 du 08 janvier 2014",
      "url": "https://downloads.avaya.com/css/P8/documents/100167374"
    }
  ]
}

CERTA-2013-AVI-529

Vulnerability from certfr_avis

De multiples vulnérabilités ont été corrigées dans Apple OS X Mountain Lion. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Apple OS X Mountain Lion versions antérieures à 10.8.5

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple du 12 septembre 2013

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eApple OS X Mountain Lion versions ant\u00e9rieures \u00e0 10.8.5\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-5166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5166"
    },
    {
      "name": "CVE-2013-1027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1027"
    },
    {
      "name": "CVE-2012-4244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4244"
    },
    {
      "name": "CVE-2013-1635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1635"
    },
    {
      "name": "CVE-2013-1029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1029"
    },
    {
      "name": "CVE-2013-1899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1899"
    },
    {
      "name": "CVE-2013-1901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1901"
    },
    {
      "name": "CVE-2013-1032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1032"
    },
    {
      "name": "CVE-2012-2687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2687"
    },
    {
      "name": "CVE-2013-1643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1643"
    },
    {
      "name": "CVE-2013-1031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1031"
    },
    {
      "name": "CVE-2012-5688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5688"
    },
    {
      "name": "CVE-2013-0166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0166"
    },
    {
      "name": "CVE-2013-1033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1033"
    },
    {
      "name": "CVE-2012-2686",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2686"
    },
    {
      "name": "CVE-2012-3817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3817"
    },
    {
      "name": "CVE-2013-2021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2021"
    },
    {
      "name": "CVE-2013-0169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0169"
    },
    {
      "name": "CVE-2012-4558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4558"
    },
    {
      "name": "CVE-2013-1025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1025"
    },
    {
      "name": "CVE-2013-1028",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1028"
    },
    {
      "name": "CVE-2013-1903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1903"
    },
    {
      "name": "CVE-2013-2020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2020"
    },
    {
      "name": "CVE-2012-3499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3499"
    },
    {
      "name": "CVE-2013-1900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1900"
    },
    {
      "name": "CVE-2013-1824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1824"
    },
    {
      "name": "CVE-2013-2110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2110"
    },
    {
      "name": "CVE-2013-2266",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2266"
    },
    {
      "name": "CVE-2013-1026",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1026"
    },
    {
      "name": "CVE-2013-1902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1902"
    },
    {
      "name": "CVE-2012-0883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0883"
    },
    {
      "name": "CVE-2013-1030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1030"
    }
  ],
  "initial_release_date": "2013-09-13T00:00:00",
  "last_revision_date": "2013-09-13T00:00:00",
  "links": [],
  "reference": "CERTA-2013-AVI-529",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2013-09-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApple OS X Mountain Lion\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple OS X Mountain Lion",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple du 12 septembre 2013",
      "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
    }
  ]
}

CERTA-2012-AVI-601

Vulnerability from certfr_avis

Quatre vulnérabilités ont été corrigées dans HP-UX. Elles concernent le composant BIND et permettent à un utilisateur malintentionné à provoquer un déni de service à distance ou un contournement d'authentification.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
ISC	BIND	HP-UX version B.11.11 utilisant BIND 9.3 avec une version antérieure à 9.3.2.12.0
ISC	BIND	HP-UX version B.11.31 utilisant BIND 9.3 avec une version antérieure à 9.3.2.14.0
ISC	BIND	HP-UX version B.11.23 utilisant BIND 9.3 avec une version antérieure à 9.3.2.12.0

References

Title

Publication Time

Tags

Bulletin de sécurité HP c03526327 du 23 octobre 2012

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "HP-UX version B.11.11 utilisant BIND 9.3 avec une version ant\u00e9rieure \u00e0 9.3.2.12.0",
      "product": {
        "name": "BIND",
        "vendor": {
          "name": "ISC",
          "scada": false
        }
      }
    },
    {
      "description": "HP-UX version B.11.31 utilisant BIND 9.3 avec une version ant\u00e9rieure \u00e0 9.3.2.14.0",
      "product": {
        "name": "BIND",
        "vendor": {
          "name": "ISC",
          "scada": false
        }
      }
    },
    {
      "description": "HP-UX version B.11.23 utilisant BIND 9.3 avec une version ant\u00e9rieure \u00e0 9.3.2.12.0",
      "product": {
        "name": "BIND",
        "vendor": {
          "name": "ISC",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-5166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5166"
    },
    {
      "name": "CVE-2012-4244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4244"
    },
    {
      "name": "CVE-2012-1667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1667"
    },
    {
      "name": "CVE-2012-3817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3817"
    }
  ],
  "initial_release_date": "2012-10-25T00:00:00",
  "last_revision_date": "2012-10-25T00:00:00",
  "links": [],
  "reference": "CERTA-2012-AVI-601",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-10-25T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Quatre vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eHP-UX\u003c/span\u003e. Elles concernent le composant \u003cspan\nclass=\"textit\"\u003eBIND\u003c/span\u003e et permettent \u00e0 un utilisateur malintentionn\u00e9\n\u00e0 provoquer un d\u00e9ni de service \u00e0 distance ou un contournement\nd\u0027authentification.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans HP-UX",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 HP c03526327 du 23 octobre 2012",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03526327"
    }
  ]
}

CERTA-2013-AVI-146

Vulnerability from certfr_avis

De multiples vulnérabilités ont été corrigées dans les produits VMware. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
VMware	N/A	VMware ESX version 4.0
VMware	N/A	VMware ESX version 4.1
VMware	vCenter Server	VMware vCenter Server version 5.1
VMware	ESXi	VMware ESXi version 3.5
VMware	ESXi	VMware ESXi version 5.0
VMware	ESXi	VMware ESXi version 5.1
VMware	N/A	VMware ESX version 3.5
VMware	ESXi	VMware ESXi version 4.1
VMware	ESXi	VMware ESXi version 4.0
VMware	vCenter Server	VMware vCenter Server version 5.0
VMware	N/A	VMware VirtualCenter version 4.0
VMware	vCenter Server	VMware vCenter Server version 4.0

References

Title

Publication Time

Tags

Bulletin de sécurité VMware VMSA-2012-0018 du 21 février 2013	None	vendor-advisory
Bulletin de sécurité VMware VMSA-2013-0003 du 21 février 2013	None	vendor-advisory
Bulletin de sécurité VMware VMSA-2013-0001 du 21 février 2013	None	vendor-advisory
Bulletin de sécurité VMware VMSA-2013-0003 VMSA-2012-0018 VMSA-2013-0001 du 21 février 2013	-	other
Bulletin de sécurité VMware VMSA-2013-0003 VMSA-2012-0018 VMSA-2013-0001 du 21 février 2013	-	other
Bulletin de sécurité VMware VMSA-2013-0003 VMSA-2012-0018 VMSA-2013-0001 du 21 février 2013	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "VMware ESX version 4.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESX version 4.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware vCenter Server version 5.1",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESXi version 3.5",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESXi version 5.0",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESXi version 5.1",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESX version 3.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESXi version 4.1",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESXi version 4.0",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware vCenter Server version 5.0",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware VirtualCenter version 4.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware vCenter Server version 4.0",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-4609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4609"
    },
    {
      "name": "CVE-2012-4244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4244"
    },
    {
      "name": "CVE-2012-2110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2110"
    },
    {
      "name": "CVE-2009-5064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-5064"
    },
    {
      "name": "CVE-2009-5029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-5029"
    },
    {
      "name": "CVE-2011-3970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3970"
    },
    {
      "name": "CVE-2012-2871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2871"
    },
    {
      "name": "CVE-2012-3404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3404"
    },
    {
      "name": "CVE-2012-2870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2870"
    },
    {
      "name": "CVE-2013-1405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1405"
    },
    {
      "name": "CVE-2012-6324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6324"
    },
    {
      "name": "CVE-2011-3102",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3102"
    },
    {
      "name": "CVE-2012-3406",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3406"
    },
    {
      "name": "CVE-2010-0830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0830"
    },
    {
      "name": "CVE-2012-0864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0864"
    },
    {
      "name": "CVE-2012-6326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6326"
    },
    {
      "name": "CVE-2013-1659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1659"
    },
    {
      "name": "CVE-2012-2807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2807"
    },
    {
      "name": "CVE-2012-3405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3405"
    },
    {
      "name": "CVE-2012-3480",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3480"
    },
    {
      "name": "CVE-2012-6325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6325"
    },
    {
      "name": "CVE-2011-1202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1202"
    },
    {
      "name": "CVE-2011-1089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1089"
    },
    {
      "name": "CVE-2012-2825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2825"
    }
  ],
  "initial_release_date": "2013-02-22T00:00:00",
  "last_revision_date": "2013-02-22T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2013-0003 VMSA-2012-0018    VMSA-2013-0001 du 21 f\u00e9vrier 2013",
      "url": "http://www.vmware.com/security/advisories/VMSA-2012-0018.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2013-0003 VMSA-2012-0018    VMSA-2013-0001 du 21 f\u00e9vrier 2013",
      "url": "http://www.vmware.com/security/advisories/VMSA-2013-0001.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2013-0003 VMSA-2012-0018    VMSA-2013-0001 du 21 f\u00e9vrier 2013",
      "url": "http://www.vmware.com/security/advisories/VMSA-2013-0003.html"
    }
  ],
  "reference": "CERTA-2013-AVI-146",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2013-02-22T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eVMware\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un contournement\nde la politique de s\u00e9curit\u00e9 et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2012-0018 du 21 f\u00e9vrier 2013",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2013-0003 du 21 f\u00e9vrier 2013",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2013-0001 du 21 f\u00e9vrier 2013",
      "url": null
    }
  ]
}

CERTA-2013-AVI-088

Vulnerability from certfr_avis

De multiples vulnérabilités ont été corrigées dans VMware vSphere. Plusieurs composants tiers ont été corrigés comme libxml2, bind et xslt. La vulnérabilité la plus critique permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
VMware	N/A	VMware ESX versions antérieures à 4.1 mise à jour ESX410-201301401-SG
VMware	ESXi	VMware ESXi versions antérieures à 4.1 mise à jour ESXi410-201301401-SG
VMware	vCenter Server	VMware vCenter Server versions antérieures à 4.1 mise à jour 3a
VMware	N/A	VMware vCenter Client versions antérieures à 4.1 mise à jour 3a

References

Title

Publication Time

Tags

Bulletin de sécurité VMware VMSA-2013-0001 du 31 janvier 2013	None	vendor-advisory
Bulletin de sécurité VMware VMSA-2013-0001 du 31 janvier 2013	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "VMware ESX versions ant\u00e9rieures \u00e0 4.1 mise \u00e0 jour ESX410-201301401-SG",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESXi versions ant\u00e9rieures \u00e0 4.1 mise \u00e0 jour ESXi410-201301401-SG",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware vCenter Server versions ant\u00e9rieures \u00e0 4.1 mise \u00e0 jour 3a",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware vCenter Client versions ant\u00e9rieures \u00e0 4.1 mise \u00e0 jour 3a",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-4244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4244"
    },
    {
      "name": "CVE-2011-3970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3970"
    },
    {
      "name": "CVE-2012-2871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2871"
    },
    {
      "name": "CVE-2012-2870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2870"
    },
    {
      "name": "CVE-2013-1405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1405"
    },
    {
      "name": "CVE-2011-3102",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3102"
    },
    {
      "name": "CVE-2012-2807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2807"
    },
    {
      "name": "CVE-2011-1202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1202"
    },
    {
      "name": "CVE-2012-2825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2825"
    }
  ],
  "initial_release_date": "2013-02-04T00:00:00",
  "last_revision_date": "2013-02-04T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2013-0001 du 31 janvier    2013",
      "url": "http://www.vmware.com/security/advisories/VMSA-2013-0001.html"
    }
  ],
  "reference": "CERTA-2013-AVI-088",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2013-02-04T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eVMware vSphere\u003c/span\u003e. Plusieurs composants tiers ont \u00e9t\u00e9\ncorrig\u00e9s comme \u003cspan class=\"textit\"\u003elibxml2\u003c/span\u003e, \u003cspan\nclass=\"textit\"\u003ebind\u003c/span\u003e et \u003cspan class=\"textit\"\u003exslt\u003c/span\u003e. La\nvuln\u00e9rabilit\u00e9 la plus critique permet \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans VMware vSphere",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2013-0001 du 31 janvier 2013",
      "url": null
    }
  ]
}

CERTA-2012-AVI-500

Vulnerability from certfr_avis

Une vulnérabilité a été corrigée dans ISC BIND. Elle concerne un déni de service à distance qui se déclenche lorsqu'un enregistrement avec un champ RDATA très grand est chargé par un serveur DNS.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

ISC BIND versions :

9.0.x à 9.6.x ;
9.4-ESV à 9.4-ESV-R5-P1 ;
9.6-ESV à 9.6-ESV-R7-P2 ;
9.7.0 à 9.7.6-P2 ;
9.8.0 à 9.8.3-P2 ;
9.9.0 à 9.9.1-P2.

Les branches 9.4 et 9.5 sont également affectées mais ne sont plus maintenues.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité ISC du 12 septembre 2012

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eISC BIND versions :\u003c/P\u003e  \u003cUL\u003e    \u003cLI\u003e9.0.x \u00e0 9.6.x ;\u003c/LI\u003e    \u003cLI\u003e9.4-ESV \u00e0 9.4-ESV-R5-P1 ;\u003c/LI\u003e    \u003cLI\u003e9.6-ESV \u00e0 9.6-ESV-R7-P2 ;\u003c/LI\u003e    \u003cLI\u003e9.7.0 \u00e0 9.7.6-P2 ;\u003c/LI\u003e    \u003cLI\u003e9.8.0 \u00e0 9.8.3-P2 ;\u003c/LI\u003e    \u003cLI\u003e9.9.0 \u00e0 9.9.1-P2.\u003c/LI\u003e  \u003c/UL\u003e  \u003cP\u003eLes branches 9.4 et 9.5 sont \u00e9galement affect\u00e9es mais ne sont  plus maintenues.\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-4244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4244"
    }
  ],
  "initial_release_date": "2012-09-13T00:00:00",
  "last_revision_date": "2012-09-13T00:00:00",
  "links": [],
  "reference": "CERTA-2012-AVI-500",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-09-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eISC\nBIND\u003c/span\u003e. Elle concerne un d\u00e9ni de service \u00e0 distance qui se\nd\u00e9clenche lorsqu\u0027un enregistrement avec un champ RDATA tr\u00e8s grand est\ncharg\u00e9 par un serveur DNS.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans ISC BIND",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 ISC du 12 septembre 2012",
      "url": "https://kb.isc.org/article/AA-00778/74"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2012-4244 (GCVE-0-2012-4244)

Vulnerability from cvelistv5

CERTA-2014-AVI-008

Vulnerability from certfr_avis

Solution

CERTA-2013-AVI-529

Vulnerability from certfr_avis

Solution

CERTA-2012-AVI-601

Vulnerability from certfr_avis

Solution

CERTA-2013-AVI-146

Vulnerability from certfr_avis

Solution

CERTA-2013-AVI-088

Vulnerability from certfr_avis

Solution

CERTA-2012-AVI-500

Vulnerability from certfr_avis

Solution

Tags

Sightings

Nomenclature