OVAL Reference oval:com.ubuntu.trusty:def:20168863000

Oval Definition:

oval:com.ubuntu.trusty:def:20168863000

Revision Date:	2017-03-07	Version:	1
Title:	CVE-2016-8863 on Ubuntu 14.04 LTS (trusty) - medium.
Description:	Heap-based buffer overflow in the create_url_list function in gena/gena_device.c in Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a valid URI followed by an invalid one in the CALLBACK header of an SUBSCRIBE request.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2016-8863
Platform(s):	Ubuntu 14.04 LTS	Product(s):
Definition Synopsis
Ubuntu 14.04 LTS (trusty) is installed. AND Package Information The 'libupnp' package in trusty was vulnerable but has been fixed (note: '1:1.6.17-1.2+deb7u2build0.14.04.1'). OR The 'libupnp4' package in trusty was vulnerable but has been fixed (note: '1.8.0~svn20100507-1.2+deb7u1build0.14.04.1').