Oval Definition:oval:com.ubuntu.cosmic:def:20155723000
Revision Date:2016-06-07Version:1
Title:CVE-2015-5723 on Ubuntu 18.10 (cosmic) - medium.
Description:Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permissions for cache directories, which allows local users to execute arbitrary PHP code with additional privileges by leveraging an application with the umask set to 0 and that executes cache entries as code.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2015-5723
Platform(s):Ubuntu 18.10
Product(s):
Definition Synopsis
  • Ubuntu 18.10 (cosmic) is installed.
  • AND Package Information
  • NOT While related to the CVE in some way, the 'doctrine' package in cosmic is not affected (note: '2.4.8-2').
  • OR The 'php-doctrine-annotations' package in cosmic is affected and needs fixing.
  • OR The 'php-doctrine-cache' package in cosmic is affected and needs fixing.
  • OR The 'php-doctrine-common' package in cosmic is affected and needs fixing.
    • BACK