Oval Definition:oval:com.ubuntu.xenial:def:20172807000
Revision Date:2017-09-05Version:1
Title:CVE-2017-2807 on Ubuntu 16.04 LTS (xenial) - medium.
Description:An exploitable buffer overflow vulnerability exists in the tag parsing functionality of Ledger-CLI 3.1.1. A specially crafted journal file can cause an integer underflow resulting in code execution. An attacker can construct a malicious journal file to trigger this vulnerability.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-2807
Platform(s):Ubuntu 16.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 16.04 LTS (xenial) is installed.
  • AND The 'ledger' package in xenial is affected and needs fixing.
  • BACK