Oval Definition:	oval:com.ubuntu.trusty:def:20158476000
Revision Date: 2015-12-16 Version: 1 Title: CVE-2015-8476 on Ubuntu 14.04 LTS (trusty) - medium. Description: Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow attackers to inject arbitrary SMTP commands via CRLF sequences in an (1) email address to the validateAddress function in class.phpmailer.php or (2) SMTP command to the sendCommand function in class.smtp.php, a different vulnerability than CVE-2012-0796. Family: unix Class: vulnerability Status: Reference(s): CVE-2015-8476 Platform(s): Ubuntu 14.04 LTS Product(s): Definition Synopsis Ubuntu 14.04 LTS (trusty) is installed. AND The 'libphp-phpmailer' package in trusty was vulnerable but has been fixed (note: '5.1-1+deb6u11build0.14.04.1').
BACK