Oval Definition:oval:com.ubuntu.trusty:def:201714990000
Revision Date:2017-10-02Version:1
Title:CVE-2017-14990 on Ubuntu 14.04 LTS (trusty) - low.
Description:WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous wp_users.user_activation_key values as hashes), which might make it easier for remote attackers to hijack unactivated user accounts by leveraging database read access (such as access gained through an unspecified SQL injection vulnerability).
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-14990
Platform(s):Ubuntu 14.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 14.04 LTS (trusty) is installed.
  • AND The 'wordpress' package in trusty is affected and needs fixing.
  • BACK