Upstream information

CVE-2010-1617 at MITRE

Description

user/view.php in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8 does not properly check a role, which allows remote authenticated users to obtain the full names of other users via the course profile page.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having important severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 4
Vector AV:N/AC:L/Au:S/C:P/I:N/A:N
Access Vector Network
Access Complexity Low
Authentication Single
Confidentiality Impact Partial
Integrity Impact None
Availability Impact None
SUSE Bugzilla entry: 591850 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 11.0
  • moodle-debuginfo >= 1.9.8-0.1
openSUSE 11.0
  • moodle >= 1.9.8-0.1
  • moodle-af >= 1.9.8-0.1
  • moodle-ar >= 1.9.8-0.1
  • moodle-be >= 1.9.8-0.1
  • moodle-bg >= 1.9.8-0.1
  • moodle-bs >= 1.9.8-0.1
  • moodle-ca >= 1.9.8-0.1
  • moodle-cs >= 1.9.8-0.1
  • moodle-da >= 1.9.8-0.1
  • moodle-de >= 1.9.8-0.1
  • moodle-de_du >= 1.9.8-0.1
  • moodle-el >= 1.9.8-0.1
  • moodle-es >= 1.9.8-0.1
  • moodle-et >= 1.9.8-0.1
  • moodle-eu >= 1.9.8-0.1
  • moodle-fa >= 1.9.8-0.1
  • moodle-fi >= 1.9.8-0.1
  • moodle-fr >= 1.9.8-0.1
  • moodle-ga >= 1.9.8-0.1
  • moodle-gl >= 1.9.8-0.1
  • moodle-he >= 1.9.8-0.1
  • moodle-hi >= 1.9.8-0.1
  • moodle-hr >= 1.9.8-0.1
  • moodle-hu >= 1.9.8-0.1
  • moodle-id >= 1.9.8-0.1
  • moodle-is >= 1.9.8-0.1
  • moodle-it >= 1.9.8-0.1
  • moodle-ja >= 1.9.8-0.1
  • moodle-ka >= 1.9.8-0.1
  • moodle-km >= 1.9.8-0.1
  • moodle-kn >= 1.9.8-0.1
  • moodle-ko >= 1.9.8-0.1
  • moodle-lt >= 1.9.8-0.1
  • moodle-lv >= 1.9.8-0.1
  • moodle-mi_tn >= 1.9.8-0.1
  • moodle-ms >= 1.9.8-0.1
  • moodle-nl >= 1.9.8-0.1
  • moodle-nn >= 1.9.8-0.1
  • moodle-no >= 1.9.8-0.1
  • moodle-pl >= 1.9.8-0.1
  • moodle-pt >= 1.9.8-0.1
  • moodle-ro >= 1.9.8-0.1
  • moodle-ru >= 1.9.8-0.1
  • moodle-sk >= 1.9.8-0.1
  • moodle-sl >= 1.9.8-0.1
  • moodle-so >= 1.9.8-0.1
  • moodle-sq >= 1.9.8-0.1
  • moodle-sr >= 1.9.8-0.1
  • moodle-sv >= 1.9.8-0.1
  • moodle-th >= 1.9.8-0.1
  • moodle-tl >= 1.9.8-0.1
  • moodle-tr >= 1.9.8-0.1
  • moodle-uk >= 1.9.8-0.1
  • moodle-vi >= 1.9.8-0.1
  • moodle-zh_cn >= 1.9.8-0.1
openSUSE 11.1
  • moodle-debuginfo >= 1.9.8-0.1.1
openSUSE 11.1
  • moodle >= 1.9.8-0.1.1
  • moodle-af >= 1.9.8-0.1.1
  • moodle-ar >= 1.9.8-0.1.1
  • moodle-be >= 1.9.8-0.1.1
  • moodle-bg >= 1.9.8-0.1.1
  • moodle-bs >= 1.9.8-0.1.1
  • moodle-ca >= 1.9.8-0.1.1
  • moodle-cs >= 1.9.8-0.1.1
  • moodle-da >= 1.9.8-0.1.1
  • moodle-de >= 1.9.8-0.1.1
  • moodle-de_du >= 1.9.8-0.1.1
  • moodle-el >= 1.9.8-0.1.1
  • moodle-es >= 1.9.8-0.1.1
  • moodle-et >= 1.9.8-0.1.1
  • moodle-eu >= 1.9.8-0.1.1
  • moodle-fa >= 1.9.8-0.1.1
  • moodle-fi >= 1.9.8-0.1.1
  • moodle-fr >= 1.9.8-0.1.1
  • moodle-ga >= 1.9.8-0.1.1
  • moodle-gl >= 1.9.8-0.1.1
  • moodle-he >= 1.9.8-0.1.1
  • moodle-hi >= 1.9.8-0.1.1
  • moodle-hr >= 1.9.8-0.1.1
  • moodle-hu >= 1.9.8-0.1.1
  • moodle-id >= 1.9.8-0.1.1
  • moodle-is >= 1.9.8-0.1.1
  • moodle-it >= 1.9.8-0.1.1
  • moodle-ja >= 1.9.8-0.1.1
  • moodle-ka >= 1.9.8-0.1.1
  • moodle-km >= 1.9.8-0.1.1
  • moodle-kn >= 1.9.8-0.1.1
  • moodle-ko >= 1.9.8-0.1.1
  • moodle-lt >= 1.9.8-0.1.1
  • moodle-lv >= 1.9.8-0.1.1
  • moodle-mi_tn >= 1.9.8-0.1.1
  • moodle-ms >= 1.9.8-0.1.1
  • moodle-nl >= 1.9.8-0.1.1
  • moodle-nn >= 1.9.8-0.1.1
  • moodle-no >= 1.9.8-0.1.1
  • moodle-pl >= 1.9.8-0.1.1
  • moodle-pt >= 1.9.8-0.1.1
  • moodle-ro >= 1.9.8-0.1.1
  • moodle-ru >= 1.9.8-0.1.1
  • moodle-sk >= 1.9.8-0.1.1
  • moodle-sl >= 1.9.8-0.1.1
  • moodle-so >= 1.9.8-0.1.1
  • moodle-sq >= 1.9.8-0.1.1
  • moodle-sr >= 1.9.8-0.1.1
  • moodle-sv >= 1.9.8-0.1.1
  • moodle-th >= 1.9.8-0.1.1
  • moodle-tl >= 1.9.8-0.1.1
  • moodle-tr >= 1.9.8-0.1.1
  • moodle-uk >= 1.9.8-0.1.1
  • moodle-vi >= 1.9.8-0.1.1
  • moodle-zh_cn >= 1.9.8-0.1.1