Oval Definition:	oval:com.ubuntu.precise:def:20166614000
Revision Date: 2016-12-10 Version: 1 Title: CVE-2016-6614 on Ubuntu 12.04 LTS (precise) - low. Description: An issue was discovered in phpMyAdmin involving the %u username replacement functionality of the SaveDir and UploadDir features. When the username substitution is configured, a specially-crafted user name can be used to circumvent restrictions to traverse the file system. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected. Family: unix Class: vulnerability Status: Reference(s): CVE-2016-6614 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND The 'phpmyadmin' package in precise is affected and needs fixing.
BACK