OVAL Reference oval:com.ubuntu.xenial:def:20147810000

Oval Definition:

oval:com.ubuntu.xenial:def:20147810000

Revision Date:	2015-06-07	Version:	1
Title:	CVE-2014-7810 on Ubuntu 16.04 LTS (xenial) - medium.
Description:	The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2014-7810
Platform(s):	Ubuntu 16.04 LTS	Product(s):
Definition Synopsis
Ubuntu 16.04 LTS (xenial) is installed. AND Package Information The 'tomcat6' package in xenial was vulnerable but has been fixed (note: '6.0.45+dfsg-1'). OR NOT While related to the CVE in some way, the 'tomcat7' package in xenial is not affected (note: '7.0.61-1'). OR NOT While related to the CVE in some way, the 'tomcat8' package in xenial is not affected (note: '8.0.22-2').