Computer Security

CVE-2009-4299
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



CVECVE-2009-4299
StatusCandidate
Descriptionmod/glossary/showentry.php in the Glossary module for Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not properly perform access control, which allows attackers to read unauthorized Glossary entries via unknown vectors.
SeverityMedium
CVSS score5
CVSS vector(AV:N/AC:L/Au:N/C:P/I:N/A:N)
PhaseAssigned (16.12.2009)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4299
ReferencesBID : 37244
 CONFIRM : http://docs.moodle.org/en/Moodle_1.8.11_release_notes
 CONFIRM : http://docs.moodle.org/en/Moodle_1.9.7_release_notes
 CONFIRM : http://moodle.org/mod/forum/discuss.php?d=139103
 FEDORA : FEDORA-2009-13040
 FEDORA : FEDORA-2009-13065
 FEDORA : FEDORA-2009-13080
 SECUNIA : 37614
 VUPEN : ADV-2009-3455
SecurityVulns:Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server