CVE-2009-1171
CVE-2009-1171
The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read arbitrary files via an input command in a "$$" sequence, which causes LaTeX to include the contents of the file.
Productos afectados
n/a · n/aPoCs públicas encontradas — 1
cve_referencewww.exploit-db.com/exploits/8297no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18.4.5http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.htmlhttp://secunia.com/advisories/34517http://secunia.com/advisories/34557http://secunia.com/advisories/34600http://secunia.com/advisories/35570https://usn.ubuntu.com/791-2/https://www.exploit-db.com/exploits/8297https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00077.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-April/msg00079.htmlhttp://tracker.moodle.org/browse/MDL-18552http://www.debian.org/security/2009/dsa-1761