Solution
Please Install the Updated Packages.
Insight
Nicolas Gregoire discovered that Xalan-Java incorrectly handled certain properties when the secure processing feature was enabled.
An attacker could possibly use this issue to load arbitrary classes or access external resources.
Affected
libxalan2-java on Ubuntu 13.10 ,
Ubuntu 12.04 LTS ,
Ubuntu 10.04 LTS
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2014-0107 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities