Oval Definition:	oval:com.ubuntu.precise:def:20143730000
Revision Date: 2014-05-16 Version: 1 Title: CVE-2014-3730 on Ubuntu 12.04 LTS (precise) - medium. Description: The django.util.http.is_safe_url function in Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly validate URLs, which allows remote attackers to conduct open redirect attacks via a malformed URL, as demonstrated by "http:\\\djangoproject.com." Family: unix Class: vulnerability Status: Reference(s): CVE-2014-3730 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND The 'python-django' package in precise was vulnerable but has been fixed (note: '1.3.1-4ubuntu1.11').
BACK