Oval Definition:
oval:com.ubuntu.artful:def:20160718000
Revision Date
:
2016-05-26
Version
:
1
Title
:
CVE-2016-0718 on Ubuntu 17.10 (artful) - medium.
Description
:
Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
Family
:
unix
Class
:
vulnerability
Status
:
Reference(s)
:
CVE-2016-0718
Platform(s)
:
Ubuntu 17.10
Product(s)
:
Definition Synopsis
Ubuntu 17.10 (artful) is installed.
AND
Package Information
NOT
While related to the CVE in some way, the 'audacity' package in artful is not affected (note: 'uses system expat').
OR
The vulnerability of the 'cadaver' package in artful is not known (status: 'needs-triage'). It is pending evaluation.
OR
The vulnerability of the 'coin3' package in artful is not known (status: 'needs-triage'). It is pending evaluation.
OR
The 'expat' package in artful was vulnerable but has been fixed (note: '2.1.1-1ubuntu1').
OR
NOT
While related to the CVE in some way, the 'firefox' package in artful is not affected (note: '48.0+build2-0ubuntu1').
OR
NOT
While related to the CVE in some way, the 'gdcm' package in artful is not affected (note: 'uses system expat').
OR
The vulnerability of the 'matanza' package in artful is not known (status: 'needs-triage'). It is pending evaluation.
OR
NOT
While related to the CVE in some way, the 'paraview' package in artful is not affected (note: 'uses system expat').
OR
NOT
While related to the CVE in some way, the 'poco' package in artful is not affected (note: 'uses system expat').
OR
NOT
While related to the CVE in some way, the 'simgear' package in artful is not affected (note: 'uses system expat').
OR
The vulnerability of the 'sitecopy' package in artful is not known (status: 'needs-triage'). It is pending evaluation.
OR
While related to the CVE in some way, a decision has been made to ignore it (note: 'code-not-compiled').
OR
The vulnerability of the 'swish-e' package in artful is not known (status: 'needs-triage'). It is pending evaluation.
OR
The vulnerability of the 'tdom' package in artful is not known (status: 'needs-triage'). It is pending evaluation.
OR
NOT
While related to the CVE in some way, the 'thunderbird' package in artful is not affected.
OR
The vulnerability of the 'tla' package in artful is not known (status: 'needs-triage'). It is pending evaluation.
OR
The vulnerability of the 'vnc4' package in artful is not known (status: 'needs-triage'). It is pending evaluation.
OR
The vulnerability of the 'wbxml2' package in artful is not known (status: 'needs-triage'). It is pending evaluation.
OR
The vulnerability of the 'xmlrpc-c' package in artful is not known (status: 'needs-triage'). It is pending evaluation.
OR
The vulnerability of the 'xotcl' package in artful is not known (status: 'needs-triage'). It is pending evaluation.
BACK