Oval Definition:	oval:com.ubuntu.precise:def:20148554000
Revision Date: 2014-11-13 Version: 1 Title: CVE-2014-8554 on Ubuntu 12.04 LTS (precise) - medium. Description: SQL injection vulnerability in the mc_project_get_attachments function in api/soap/mc_project_api.php in MantisBT before 1.2.18 allows remote attackers to execute arbitrary SQL commands via the project_id parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1609. Family: unix Class: vulnerability Status: Reference(s): CVE-2014-8554 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND The vulnerability of the 'mantis' package in precise is not known (status: 'needs-triage'). It is pending evaluation.
BACK