Oval Definition:	oval:com.ubuntu.precise:def:20143704000
Revision Date: 2014-10-15 Version: 1 Title: CVE-2014-3704 on Ubuntu 12.04 LTS (precise) - medium. Description: The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct prepared statements, which allows remote attackers to conduct SQL injection attacks via an array containing crafted keys. Family: unix Class: vulnerability Status: Reference(s): CVE-2014-3704 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND Package Information NOT While related to the CVE in some way, the 'drupal6' package in precise is not affected. OR The 'drupal7' package in precise was vulnerable but has been fixed (note: '7.12-1ubuntu0.1').
BACK