Oval Definition:	oval:com.ubuntu.trusty:def:20145026000
Revision Date: 2014-10-20 Version: 1 Title: CVE-2014-5026 on Ubuntu 14.04 LTS (trusty) - medium. Description: Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a (1) Graph Tree Title in a delete or (2) edit action; (3) CDEF Name, (4) Data Input Method Name, or (5) Host Templates Name in a delete action; (6) Data Source Title; (7) Graph Title; or (8) Graph Template Name in a delete or (9) duplicate action. Family: unix Class: vulnerability Status: Reference(s): CVE-2014-5026 Platform(s): Ubuntu 14.04 LTS Product(s): Definition Synopsis Ubuntu 14.04 LTS (trusty) is installed. AND The 'cacti' package in trusty was vulnerable but has been fixed (note: '0.8.8b+dfsg-5ubuntu0.1').
BACK