Oval Definition:	oval:com.ubuntu.trusty:def:20143704000
Revision Date: 2014-10-15 Version: 1 Title: CVE-2014-3704 on Ubuntu 14.04 LTS (trusty) - medium. Description: The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct prepared statements, which allows remote attackers to conduct SQL injection attacks via an array containing crafted keys. Family: unix Class: vulnerability Status: Reference(s): CVE-2014-3704 Platform(s): Ubuntu 14.04 LTS Product(s): Definition Synopsis Ubuntu 14.04 LTS (trusty) is installed. AND The 'drupal7' package in trusty was vulnerable but has been fixed (note: '7.26-1ubuntu0.1').
BACK