OVAL Reference oval:com.ubuntu.trusty:def:20143160000

Oval Definition:

oval:com.ubuntu.trusty:def:20143160000

Revision Date:	2014-07-20	Version:	1
Title:	CVE-2014-3160 on Ubuntu 14.04 LTS (trusty) - medium.
Description:	The ResourceFetcher::canRequest function in core/fetch/ResourceFetcher.cpp in Blink, as used in Google Chrome before 36.0.1985.125, does not properly restrict subresource requests associated with SVG files, which allows remote attackers to bypass the Same Origin Policy via a crafted file.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2014-3160
Platform(s):	Ubuntu 14.04 LTS	Product(s):
Definition Synopsis
Ubuntu 14.04 LTS (trusty) is installed. AND Package Information The 'chromium-browser' package in trusty was vulnerable but has been fixed (note: '36.0.1985.125-0ubuntu1.14.04.0~pkg1029'). OR The 'oxide-qt' package in trusty was vulnerable but has been fixed (note: '1.0.4-0ubuntu0.14.04.1').