OVAL Reference oval:com.ubuntu.xenial:def:2018174720000000

Oval Definition:

oval:com.ubuntu.xenial:def:2018174720000000

Revision Date:	2018-11-14	Version:	1
Title:	CVE-2018-17472 on Ubuntu 16.04 LTS (xenial) - medium.
Description:	Incorrect handling of googlechrome:// URL scheme on iOS in Intents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to escape the sandbox via a crafted HTML page. <BR></TD></TR><TR><TD CLASS="cvenobg"><B>Family</B>:</TD><TD CLASS="cvenobg">unix</TD><TD CLASS="cvenobg"><B>Class</B>:</TD><TD CLASS="cvenobg">vulnerability</TD></TR><TR><TD CLASS="cvenobg"><B>Status</B>:</TD><TD CLASS="cvenobg"></TD><TD CLASS="cvenobg"><B>Reference(s)</B>:</TD><TD CLASS="cvenobg"><A HREF="/cgi-bin/skdb.pl/cvename/CVE-2018-17472.html">CVE-2018-17472</A><BR></TD></TR><TR><TD CLASS="cvenobg"><B>Platform(s)</B>:</TD><TD CLASS="cvenobg">Ubuntu 16.04 LTS<BR></TD><TD CLASS="cvenobg"><B>Product(s)</B>:</TD><TD CLASS="cvenobg"></TD></TR><TR><TD CLASS="cvebg" COLSPAN="4"><B>Definition Synopsis</B></TD></TR><TR><TD CLASS="cvenobg" COLSPAN="4"><LI CLASS="leaf1"><A HREF="/cgi-bin/skdb.pl/OVAL/oval:com.ubuntu.xenial:def:100.html">Ubuntu 16.04 LTS (xenial) is installed.</A> <LI CLASS="level1"><B>AND</B> Package Information <LI CLASS="leaf2"><A HREF="/cgi-bin/skdb.pl/OVAL/oval:com.ubuntu.xenial:tst:2018174580000000.html">chromium-browser package in xenial was vulnerable but has been fixed (note: '70.0.3538.67-0ubuntu0.16.04.1').</A> <LI CLASS="leaf2"><B>OR</B> <A HREF="/cgi-bin/skdb.pl/OVAL/oval:com.ubuntu.xenial:tst:2017170810000020.html">oxide-qt: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'Ubuntu touch end-of-life').</A> </TD></TR></TABLE></CENTER></TD></TR> <TR><TD COLSPAN="2" ALIGN="CENTER"><A HREF="javascript:history.go(-1)">BACK</A></TD></TR> </table></center> </body> </html>