Multiple vulnerabilities in Moodle
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2012-4400 CVE-2012-4401 CVE-2012-4402 CVE-2012-4403 CVE-2012-4407 CVE-2012-4408 |
| CWE-ID | CWE-264 CWE-200 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Moodle Web applications / Other software |
| Vendor | moodle.org |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU43498
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2012-4400
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to manipulate data.
repository/repository_ajax.php in Moodle 2.2.x before 2.2.5 and 2.3.x before 2.3.2 allows remote authenticated users to bypass intended upload-size restrictions via a -1 value in the maxbytes field.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.2 - 2.3.1
CPE2.3 External linkshttps://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-30792
https://moodle.org/mod/forum/discuss.php?d=211555
https://openwall.com/lists/oss-security/2012/09/17/1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU43499
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2012-4401
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to manipulate data.
Moodle 2.2.x before 2.2.5 and 2.3.x before 2.3.2 allows remote authenticated users to bypass intended capability restrictions and perform certain topic changes by leveraging course-editing capabilities.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.2 - 2.3.1
CPE2.3 External linkshttps://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-28207
https://moodle.org/mod/forum/discuss.php?d=211556
https://openwall.com/lists/oss-security/2012/09/17/1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU43500
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2012-4402
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to read and manipulate data.
webservice/lib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 does not properly restrict the use of web-service tokens, which allows remote authenticated users to run arbitrary external-service functions via a token intended for only one service.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.1 - 2.3.1
CPE2.3- cpe:2.3:a:moodle_org:moodle:2.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.3.1:*:*:*:*:*:*:*
https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-34368
https://moodle.org/mod/forum/discuss.php?d=211559
https://openwall.com/lists/oss-security/2012/09/17/1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Information disclosure
EUVDB-ID: #VU43501
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2012-4403
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
theme/yui_combo.php in Moodle 2.3.x before 2.3.2 does not properly construct error responses for the drag-and-drop script, which allows remote attackers to obtain the installation path by sending a request for a nonexistent resource and then reading the response.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.3 - 2.3.1
CPE2.3 External linkshttps://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-35168
https://moodle.org/mod/forum/discuss.php?d=211560
https://openwall.com/lists/oss-security/2012/09/17/1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Information disclosure
EUVDB-ID: #VU43502
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2012-4407
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
lib/filelib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 does not properly check the publication state of blog files, which allows remote attackers to obtain sensitive information by reading a blog entry that references a non-public file.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.1 - 2.3.1
CPE2.3- cpe:2.3:a:moodle_org:moodle:2.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.3.1:*:*:*:*:*:*:*
https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-34585
https://moodle.org/mod/forum/discuss.php?d=211557
https://openwall.com/lists/oss-security/2012/09/17/1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU43503
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2012-4408
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to read and manipulate data.
course/reset.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 checks an update capability instead of a reset capability, which allows remote authenticated users to bypass intended access restrictions via a reset operation.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.1 - 2.3.1
CPE2.3- cpe:2.3:a:moodle_org:moodle:2.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.3.1:*:*:*:*:*:*:*
https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-34519
https://moodle.org/mod/forum/discuss.php?d=211558
https://openwall.com/lists/oss-security/2012/09/17/1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
