Oval Definition:	oval:com.ubuntu.trusty:def:20181324000
Revision Date: 2018-03-16 Version: 1 Title: CVE-2018-1324 on Ubuntu 14.04 LTS (trusty) - low. Description: A specially crafted ZIP archive can be used to cause an infinite loop inside of Apache Commons Compress' extra field parser used by the ZipFile and ZipArchiveInputStream classes in versions 1.11 to 1.15. This can be used to mount a denial of service attack against services that use Compress' zip package. Family: unix Class: vulnerability Status: Reference(s): CVE-2018-1324 Platform(s): Ubuntu 14.04 LTS Product(s): Definition Synopsis Ubuntu 14.04 LTS (trusty) is installed. AND The vulnerability of the 'libcommons-compress-java' package in trusty is not known (status: 'needs-triage'). It is pending evaluation.
BACK