Oval Definition:	oval:com.ubuntu.xenial:def:201497670000000
Revision Date: 2016-05-22 Version: 1 Title: CVE-2014-9767 on Ubuntu 16.04 LTS (xenial) - low. Description: Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/ext_zip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP archive. Family: unix Class: vulnerability Status: Reference(s): CVE-2014-9767 Platform(s): Ubuntu 16.04 LTS Product(s): Definition Synopsis Ubuntu 16.04 LTS (xenial) is installed. AND Package Information hhvm package in xenial is affected and needs fixing. OR php7.0 package in xenial, is related to the CVE in some way and has been fixed (note: '7.0.4-5ubuntu2').
BACK