OVAL Reference oval:com.ubuntu.xenial:def:20155346000

Oval Definition:

oval:com.ubuntu.xenial:def:20155346000

Revision Date:	2016-02-24	Version:	1
Title:	CVE-2015-5346 on Ubuntu 16.04 LTS (xenial) - low.
Description:	Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2015-5346
Platform(s):	Ubuntu 16.04 LTS	Product(s):
Definition Synopsis
Ubuntu 16.04 LTS (xenial) is installed. AND Package Information NOT While related to the CVE in some way, the 'tomcat6' package in xenial is not affected. OR NOT While related to the CVE in some way, the 'tomcat7' package in xenial is not affected (note: '7.0.68-1'). OR NOT While related to the CVE in some way, the 'tomcat8' package in xenial is not affected (note: '8.0.32-1ubuntu1').