LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

moodle: many vulnerabilities

Package(s):moodle CVE #(s):CVE-2012-0792 CVE-2012-0793 CVE-2012-0794 CVE-2012-0795 CVE-2012-0796 CVE-2012-0797 CVE-2012-0798 CVE-2012-0799 CVE-2012-0800 CVE-2012-0801
Created:February 2, 2012 Updated:February 8, 2012
Description:

From the Red Hat bugzilla entry:

CVE-2012-0792 Moodle MSA-12-0002: Personal information leak

CVE-2012-0793 Moodle MSA-12-0004: Added profile image security

CVE-2012-0794 Moodle MSA-12-0005: Encryption enhancement

CVE-2012-0795 Moodle MSA-12-0006: Additional email address validation

CVE-2012-0796 Moodle MSA-12-0007: Email injection prevention

CVE-2012-0797 Moodle MSA-12-0008: Unsynchronised access via tokens

CVE-2012-0798 Moodle MSA-12-0009: Role access issue

CVE-2012-0799 Moodle MSA-12-0010: Unauthorised access to session key

CVE-2012-0800 Moodle MSA-12-0011: Browser autofill password issue

CVE-2012-0801 Moodle MSA-12-0012: Form validation issue

Alerts:
Fedora FEDORA-2012-0939 2012-02-02
Fedora FEDORA-2012-0913 2012-02-02
Debian DSA-2421-1 2012-02-29
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds