Oval Definition:
oval:com.ubuntu.precise:def:20143620000
Revision Date
:
2014-11-18
Version
:
1
Title
:
CVE-2014-3620 on Ubuntu 12.04 LTS (precise) - medium.
Description
:
cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain.
Family
:
unix
Class
:
vulnerability
Status
:
Reference(s)
:
CVE-2014-3620
Platform(s)
:
Ubuntu 12.04 LTS
Product(s)
:
Definition Synopsis
Ubuntu 12.04 LTS (precise) is installed.
AND
While related to the CVE in some way, the 'curl' package in precise is not affected (note: '7.22.0-3ubuntu4.8').
BACK