OVAL Reference oval:com.ubuntu.precise:def:20155351000

Oval Definition:

oval:com.ubuntu.precise:def:20155351000

Revision Date:	2016-02-24	Version:	1
Title:	CVE-2015-5351 on Ubuntu 12.04 LTS (precise) - medium.
Description:	The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish sessions and send CSRF tokens for arbitrary new requests, which allows remote attackers to bypass a CSRF protection mechanism by using a token.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2015-5351
Platform(s):	Ubuntu 12.04 LTS	Product(s):
Definition Synopsis
Ubuntu 12.04 LTS (precise) is installed. AND Package Information NOT While related to the CVE in some way, the 'tomcat6' package in precise is not affected (note: 'code not present'). OR The 'tomcat7' package in precise is affected and needs fixing.