OVAL Reference oval:com.ubuntu.xenial:def:20168735000

Oval Definition:

oval:com.ubuntu.xenial:def:20168735000

Revision Date:	2017-04-06	Version:	1
Title:	CVE-2016-8735 on Ubuntu 16.04 LTS (xenial) - low.
Description:	Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency with the CVE-2016-3427 Oracle patch that affected credential types.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2016-8735
Platform(s):	Ubuntu 16.04 LTS	Product(s):
Definition Synopsis
Ubuntu 16.04 LTS (xenial) is installed. AND Package Information The 'tomcat6' package in xenial is affected and needs fixing. OR The 'tomcat7' package in xenial was vulnerable but has been fixed (note: '7.0.68-1ubuntu0.3'). OR The 'tomcat8' package in xenial was vulnerable but has been fixed (note: '8.0.32-1ubuntu1.3').