CVE-2009-1171

Related Files

Ubuntu Security Notice 791-2

Posted Jun 25, 2009

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-791-2 - Christian Eibl discovered that the TeX filter in Moodle allowed any function to be used. An authenticated remote attacker could post a specially crafted TeX formula to execute arbitrary TeX functions, potentially reading any file accessible to the web server user, leading to a loss of privacy.

tags | advisory, remote, web, arbitrary

systems | linux, ubuntu

advisories | CVE-2009-1171

SHA-256 | cfc1498d9d234062c6029888260b1a535de25f14fc02b8ab3fda4affa7ef4853

Download | Favorite | View

Ubuntu Security Notice 791-1

Posted Jun 25, 2009

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-791-1 - A large amount of Moodle vulnerabilities have been addressed including code execution, SQL injection, and cross site request forgery issues.

tags | advisory, vulnerability, code execution, sql injection, csrf

systems | linux, ubuntu

advisories | CVE-2007-3215, CVE-2008-4796, CVE-2008-4810, CVE-2008-4811, CVE-2008-5153, CVE-2008-5432, CVE-2008-5619, CVE-2008-6124, CVE-2009-0499, CVE-2009-0500, CVE-2009-0501, CVE-2009-0502, CVE-2009-1171, CVE-2009-1669

SHA-256 | 64eba19d281ac935355625ea75f3a8d85a741d8ad8b8abd7435d68842a28d061

Download | Favorite | View

Debian Linux Security Advisory 1761-1

Posted Apr 3, 2009

Authored by Debian | Site debian.org

Debian Security Advisory 1761-1 - Christian J. Eibl discovered that the TeX filter of Moodle, a web-based course management system, doesn't check user input for certain TeX commands which allows an attacker to include and display the content of arbitrary system files.

tags | advisory, web, arbitrary

systems | linux, debian

advisories | CVE-2009-1171

SHA-256 | a5ba2592353a80c1f3c72c4727c59a62858885f33fe79693dba77a2a7c163285

Download | Favorite | View