Test ID:	1.3.6.1.4.1.25623.1.0.844699
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-4619-1)
Summary:	The remote host is missing an update for the 'dom4j' package(s) announced via the USN-4619-1 advisory.
Description:	Summary: The remote host is missing an update for the 'dom4j' package(s) announced via the USN-4619-1 advisory. Vulnerability Insight: Mario Areias discovered that dom4j did not properly validate XML document elements. An attacker could exploit this with a crafted XML file to cause dom4j to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-1000632) Affected Software/OS: 'dom4j' package(s) on Ubuntu 16.04. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-1000632 https://github.com/dom4j/dom4j/commit/e598eb43d418744c4dbf62f647dd2381c9ce9387 https://github.com/dom4j/dom4j/issues/48 https://security.netapp.com/advisory/ntap-20190530-0001/ https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJULAHVR3I5SX7OSMXAG75IMNSAYOXGA/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOOVVCRQE6ATFD2JM2EMDXOQXTRIVZGP/ https://ihacktoprotect.com/post/dom4j-xml-injection/ https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpujul2020.html https://lists.debian.org/debian-lts-announce/2018/09/msg00028.html https://lists.apache.org/thread.html/rb1b990d7920ae0d50da5109b73b92bab736d46c9788dd4b135cb1a51@%3Cnotifications.freemarker.apache.org%3E https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E https://lists.apache.org/thread.html/5a020ecaa3c701f408f612f7ba2ee37a021644c4a39da2079ed3ddbc@%3Ccommits.maven.apache.org%3E https://lists.apache.org/thread.html/00571f362a7a2470fba50a31282c65637c40d2e21ebe6ee535a4ed74@%3Ccommits.maven.apache.org%3E https://lists.apache.org/thread.html/9d4c1af6f702c3d6d6f229de57112ddccac8ce44446a01b7937ab9e0@%3Ccommits.maven.apache.org%3E https://lists.apache.org/thread.html/4a77652531d62299a30815cf5f233af183425db8e3c9a824a814e768@%3Cdev.maven.apache.org%3E https://lists.apache.org/thread.html/7f6e120e6ed473f4e00dde4c398fc6698eb383bd7857d20513e989ce@%3Cdev.maven.apache.org%3E https://lists.apache.org/thread.html/d7d960b2778e35ec9b4d40c8efd468c7ce7163bcf6489b633491c89f@%3Cdev.maven.apache.org%3E https://lists.apache.org/thread.html/7e9e78f0e4288fac6591992836d2a80d4df19161e54bd71ab4b8e458@%3Cdev.maven.apache.org%3E RedHat Security Advisories: RHSA-2019:0362 https://access.redhat.com/errata/RHSA-2019:0362 RedHat Security Advisories: RHSA-2019:0364 https://access.redhat.com/errata/RHSA-2019:0364 RedHat Security Advisories: RHSA-2019:0365 https://access.redhat.com/errata/RHSA-2019:0365 RedHat Security Advisories: RHSA-2019:0380 https://access.redhat.com/errata/RHSA-2019:0380 RedHat Security Advisories: RHSA-2019:1159 https://access.redhat.com/errata/RHSA-2019:1159 RedHat Security Advisories: RHSA-2019:1160 https://access.redhat.com/errata/RHSA-2019:1160 RedHat Security Advisories: RHSA-2019:1161 https://access.redhat.com/errata/RHSA-2019:1161 RedHat Security Advisories: RHSA-2019:1162 https://access.redhat.com/errata/RHSA-2019:1162 RedHat Security Advisories: RHSA-2019:3172 https://access.redhat.com/errata/RHSA-2019:3172
Copyright	Copyright (C) 2020 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.