OVAL Reference oval:com.ubuntu.xenial:def:20155351000

Oval Definition:

oval:com.ubuntu.xenial:def:20155351000

Revision Date:	2016-02-24	Version:	1
Title:	CVE-2015-5351 on Ubuntu 16.04 LTS (xenial) - medium.
Description:	The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish sessions and send CSRF tokens for arbitrary new requests, which allows remote attackers to bypass a CSRF protection mechanism by using a token.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2015-5351
Platform(s):	Ubuntu 16.04 LTS	Product(s):
Definition Synopsis
Ubuntu 16.04 LTS (xenial) is installed. AND Package Information NOT While related to the CVE in some way, the 'tomcat6' package in xenial is not affected (note: '6.0.45+dfsg-1'). OR NOT While related to the CVE in some way, the 'tomcat7' package in xenial is not affected (note: '7.0.68-1'). OR NOT While related to the CVE in some way, the 'tomcat8' package in xenial is not affected (note: '8.0.32-1ubuntu1').