Oval Definition:
oval:com.ubuntu.cosmic:def:20166232000
Revision Date
:
2016-08-02
Version
:
1
Title
:
CVE-2016-6232 on Ubuntu 18.10 (cosmic) - medium.
Description
:
Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads.
Family
:
unix
Class
:
vulnerability
Status
:
Reference(s)
:
CVE-2016-6232
Platform(s)
:
Ubuntu 18.10
Product(s)
:
Definition Synopsis
Ubuntu 18.10 (cosmic) is installed.
AND
Package Information
NOT
While related to the CVE in some way, the 'karchive' package in cosmic is not affected.
OR
NOT
While related to the CVE in some way, the 'kde4libs' package in cosmic is not affected (note: '4:4.14.34-0ubuntu2').
BACK