Multiple vulnerabilities in Moodle
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 8 |
| CVE-ID | CVE-2012-0795 CVE-2012-0796 CVE-2012-0797 CVE-2012-0798 CVE-2012-0800 CVE-2012-0801 CVE-2012-0793 CVE-2012-0794 |
| CWE-ID | CWE-20 CWE-94 CWE-16 CWE-264 CWE-200 CWE-255 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Moodle Web applications / Other software |
| Vendor | moodle.org |
Security Bulletin
This security bulletin contains information about 8 vulnerabilities.
1) Input validation error
EUVDB-ID: #VU43850
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2012-0795
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to read and manipulate data.
Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 does not validate e-mail address settings, which allows remote authenticated users to have an unspecified impact via a crafted address.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 1.9 - 2.2
CPE2.3- cpe:2.3:a:moodle_org:moodle:1.9.15:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.2:*:*:*:*:*:*:*
https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-13572
https://moodle.org/mod/forum/discuss.php?d=194014
https://www.debian.org/security/2012/dsa-2421
https://bugzilla.redhat.com/show_bug.cgi?id=783532
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Code Injection
EUVDB-ID: #VU43851
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2012-0796
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to manipulate data.
class.phpmailer.php in the PHPMailer library, as used in Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 and other products, allows remote authenticated users to inject arbitrary e-mail headers via vectors involving a crafted (1) From: or (2) Sender: header.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 1.9 - 2.2
CPE2.3- cpe:2.3:a:moodle_org:moodle:1.9.15:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.2:*:*:*:*:*:*:*
https://git.moodle.org/gw?p=moodle.git;a=commit;h=62988bf0bbc73df655f51884aaf1f523928abff9
https://moodle.org/mod/forum/discuss.php?d=194015
https://www.debian.org/security/2012/dsa-2421
https://bugzilla.redhat.com/show_bug.cgi?id=783532
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Configuration
EUVDB-ID: #VU43852
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2012-0797
CWE-ID:
CWE-16 - Configuration
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to read and manipulate data.
The webservices functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows remote authenticated users to bypass the deleted status and continue using a server via a token.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.2
CPE2.3 External linkshttps://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-28126
https://moodle.org/mod/forum/discuss.php?d=194016
https://bugzilla.redhat.com/show_bug.cgi?id=783532
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU43853
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2012-0798
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to read and manipulate data.
The self-enrolment functionality in Moodle 2.1.x before 2.1.4 and 2.2.x before 2.2.1 allows remote authenticated users to obtain the manager role by leveraging the teacher role.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.1 - 2.2
CPE2.3 External linkshttps://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-29469
https://moodle.org/mod/forum/discuss.php?d=194017
https://bugzilla.redhat.com/show_bug.cgi?id=783532
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Information disclosure
EUVDB-ID: #VU43855
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2012-0800
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The form-autocompletion functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 makes it easier for physically proximate attackers to discover passwords by reading the contents of a non-password field, as demonstrated by accessing a create-groups page with Safari on an iPad device.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.0 - 2.2
CPE2.3- cpe:2.3:a:moodle_org:moodle:2.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.2:*:*:*:*:*:*:*
https://git.moodle.org/gw?p=moodle.git;a=commit;h=6e9989dbd3f261b2e1586ff77b0bf22fc7091485
https://moodle.org/mod/forum/discuss.php?d=194019
https://bugzilla.redhat.com/show_bug.cgi?id=783532
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Input validation error
EUVDB-ID: #VU43856
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2012-0801
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
lib/formslib.php in Moodle 2.1.x before 2.1.4 and 2.2.x before 2.2.1 does not properly handle multiple instances of a form element, which has unspecified impact and remote attack vectors.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.1 - 2.2
CPE2.3 External linkshttps://git.moodle.org/gw?p=moodle.git;a=commit;h=51070abc78b9e1db1db9a44855e8623b22bebd48
https://moodle.org/mod/forum/discuss.php?d=194020
https://bugzilla.redhat.com/show_bug.cgi?id=783532
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU43858
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2012-0793
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows remote attackers to view the profile images of arbitrary user accounts via unspecified vectors.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 1.9 - 2.2
CPE2.3- cpe:2.3:a:moodle_org:moodle:1.9.15:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.2:*:*:*:*:*:*:*
https://git.moodle.org/gw?p=moodle.git;a=commit;h=90911c4ff98dc2078a3acef5ddf5a1a8f7e20ba5
https://moodle.org/mod/forum/discuss.php?d=194012
https://www.debian.org/security/2012/dsa-2421
https://bugzilla.redhat.com/show_bug.cgi?id=783532
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Credentials management
EUVDB-ID: #VU43859
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2012-0794
CWE-ID:
CWE-255 - Credentials Management
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The rc4encrypt function in lib/moodlelib.php in Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 uses a hardcoded password of nfgjeingjk, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by reading this script's source code within the open-source software distribution.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 1.9 - 2.2
CPE2.3- cpe:2.3:a:moodle_org:moodle:1.9.15:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.2:*:*:*:*:*:*:*
https://git.moodle.org/gw?p=moodle.git;a=commit;h=98456628a24bba25d336860d38a45b5a4e3895da
https://moodle.org/mod/forum/discuss.php?d=194013
https://www.debian.org/security/2012/dsa-2421
https://bugzilla.redhat.com/show_bug.cgi?id=783532
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
