OVAL Reference oval:com.ubuntu.trusty:def:20175638000

Oval Definition:

oval:com.ubuntu.trusty:def:20175638000

Revision Date:	2017-03-10	Version:	1
Title:	CVE-2017-5638 on Ubuntu 14.04 LTS (trusty) - untriaged.
Description:	The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2017-5638
Platform(s):	Ubuntu 14.04 LTS	Product(s):
Definition Synopsis
Ubuntu 14.04 LTS (trusty) is installed. AND NOT While related to the CVE in some way, the 'libstruts1.2-java' package in trusty is not affected.