OVAL Reference oval:com.ubuntu.precise:def:20131665000

Oval Definition:

oval:com.ubuntu.precise:def:20131665000

Revision Date:	2013-04-02	Version:	1
Title:	CVE-2013-1665 on Ubuntu 12.04 LTS (precise) - medium.
Description:	The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity (XXE) attack.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2013-1665
Platform(s):	Ubuntu 12.04 LTS	Product(s):
Definition Synopsis
Ubuntu 12.04 LTS (precise) is installed. AND Package Information The 'keystone' package in precise was vulnerable but has been fixed (note: '2012.1+stable~20120824-a16a0ab9-0ubuntu2.5'). OR The 'python-django' package in precise was vulnerable but has been fixed (note: '1.3.1-4ubuntu1.6').