Oval Definition:	oval:com.ubuntu.xenial:def:20149767000
Revision Date: 2016-05-21 Version: 1 Title: CVE-2014-9767 on Ubuntu 16.04 LTS (xenial) - low. Description: Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/ext_zip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP archive. Family: unix Class: vulnerability Status: Reference(s): CVE-2014-9767 Platform(s): Ubuntu 16.04 LTS Product(s): Definition Synopsis Ubuntu 16.04 LTS (xenial) is installed. AND Package Information The 'hhvm' package in xenial is affected and needs fixing. OR NOT While related to the CVE in some way, the 'php7.0' package in xenial is not affected (note: '7.0.4-5ubuntu2').
BACK