Upstream information

CVE-2009-1171 at MITRE

Description

The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read arbitrary files via an input command in a "$$" sequence, which causes LaTeX to include the contents of the file.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 4.3
Vector AV:N/AC:M/Au:N/C:P/I:N/A:N
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact Partial
Integrity Impact None
Availability Impact None
SUSE Bugzilla entry: 490087 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 11.0
  • moodle-debuginfo >= 1.9.0-24.8
openSUSE 11.0
  • moodle >= 1.9.0-24.8
  • moodle-af >= 1.9.0-24.8
  • moodle-ar >= 1.9.0-24.8
  • moodle-be >= 1.9.0-24.8
  • moodle-bg >= 1.9.0-24.8
  • moodle-bs >= 1.9.0-24.8
  • moodle-ca >= 1.9.0-24.8
  • moodle-cs >= 1.9.0-24.8
  • moodle-da >= 1.9.0-24.8
  • moodle-de >= 1.9.0-24.8
  • moodle-de_du >= 1.9.0-24.8
  • moodle-el >= 1.9.0-24.8
  • moodle-es >= 1.9.0-24.8
  • moodle-et >= 1.9.0-24.8
  • moodle-eu >= 1.9.0-24.8
  • moodle-fa >= 1.9.0-24.8
  • moodle-fi >= 1.9.0-24.8
  • moodle-fr >= 1.9.0-24.8
  • moodle-ga >= 1.9.0-24.8
  • moodle-gl >= 1.9.0-24.8
  • moodle-he >= 1.9.0-24.8
  • moodle-hi >= 1.9.0-24.8
  • moodle-hr >= 1.9.0-24.8
  • moodle-hu >= 1.9.0-24.8
  • moodle-id >= 1.9.0-24.8
  • moodle-is >= 1.9.0-24.8
  • moodle-it >= 1.9.0-24.8
  • moodle-ja >= 1.9.0-24.8
  • moodle-ka >= 1.9.0-24.8
  • moodle-km >= 1.9.0-24.8
  • moodle-kn >= 1.9.0-24.8
  • moodle-ko >= 1.9.0-24.8
  • moodle-lt >= 1.9.0-24.8
  • moodle-lv >= 1.9.0-24.8
  • moodle-mi_tn >= 1.9.0-24.8
  • moodle-ms >= 1.9.0-24.8
  • moodle-nl >= 1.9.0-24.8
  • moodle-nn >= 1.9.0-24.8
  • moodle-no >= 1.9.0-24.8
  • moodle-pl >= 1.9.0-24.8
  • moodle-pt >= 1.9.0-24.8
  • moodle-ro >= 1.9.0-24.8
  • moodle-ru >= 1.9.0-24.8
  • moodle-sk >= 1.9.0-24.8
  • moodle-sl >= 1.9.0-24.8
  • moodle-so >= 1.9.0-24.8
  • moodle-sq >= 1.9.0-24.8
  • moodle-sr >= 1.9.0-24.8
  • moodle-sv >= 1.9.0-24.8
  • moodle-th >= 1.9.0-24.8
  • moodle-tl >= 1.9.0-24.8
  • moodle-tr >= 1.9.0-24.8
  • moodle-uk >= 1.9.0-24.8
  • moodle-vi >= 1.9.0-24.8
  • moodle-zh_cn >= 1.9.0-24.8
openSUSE 11.1
  • moodle-debuginfo >= 1.9.3-1.12.1
openSUSE 11.1
  • moodle >= 1.9.3-1.12.1
  • moodle-af >= 1.9.3-1.12.1
  • moodle-ar >= 1.9.3-1.12.1
  • moodle-be >= 1.9.3-1.12.1
  • moodle-bg >= 1.9.3-1.12.1
  • moodle-bs >= 1.9.3-1.12.1
  • moodle-ca >= 1.9.3-1.12.1
  • moodle-cs >= 1.9.3-1.12.1
  • moodle-da >= 1.9.3-1.12.1
  • moodle-de >= 1.9.3-1.12.1
  • moodle-de_du >= 1.9.3-1.12.1
  • moodle-el >= 1.9.3-1.12.1
  • moodle-es >= 1.9.3-1.12.1
  • moodle-et >= 1.9.3-1.12.1
  • moodle-eu >= 1.9.3-1.12.1
  • moodle-fa >= 1.9.3-1.12.1
  • moodle-fi >= 1.9.3-1.12.1
  • moodle-fr >= 1.9.3-1.12.1
  • moodle-ga >= 1.9.3-1.12.1
  • moodle-gl >= 1.9.3-1.12.1
  • moodle-he >= 1.9.3-1.12.1
  • moodle-hi >= 1.9.3-1.12.1
  • moodle-hr >= 1.9.3-1.12.1
  • moodle-hu >= 1.9.3-1.12.1
  • moodle-id >= 1.9.3-1.12.1
  • moodle-is >= 1.9.3-1.12.1
  • moodle-it >= 1.9.3-1.12.1
  • moodle-ja >= 1.9.3-1.12.1
  • moodle-ka >= 1.9.3-1.12.1
  • moodle-km >= 1.9.3-1.12.1
  • moodle-kn >= 1.9.3-1.12.1
  • moodle-ko >= 1.9.3-1.12.1
  • moodle-lt >= 1.9.3-1.12.1
  • moodle-lv >= 1.9.3-1.12.1
  • moodle-mi_tn >= 1.9.3-1.12.1
  • moodle-ms >= 1.9.3-1.12.1
  • moodle-nl >= 1.9.3-1.12.1
  • moodle-nn >= 1.9.3-1.12.1
  • moodle-no >= 1.9.3-1.12.1
  • moodle-pl >= 1.9.3-1.12.1
  • moodle-pt >= 1.9.3-1.12.1
  • moodle-ro >= 1.9.3-1.12.1
  • moodle-ru >= 1.9.3-1.12.1
  • moodle-sk >= 1.9.3-1.12.1
  • moodle-sl >= 1.9.3-1.12.1
  • moodle-so >= 1.9.3-1.12.1
  • moodle-sq >= 1.9.3-1.12.1
  • moodle-sr >= 1.9.3-1.12.1
  • moodle-sv >= 1.9.3-1.12.1
  • moodle-th >= 1.9.3-1.12.1
  • moodle-tl >= 1.9.3-1.12.1
  • moodle-tr >= 1.9.3-1.12.1
  • moodle-uk >= 1.9.3-1.12.1
  • moodle-vi >= 1.9.3-1.12.1
  • moodle-zh_cn >= 1.9.3-1.12.1