Lucene search
RedhatCVE-2011-4293HistoryJul 16, 2012 - 10:28 a.m.
CVE-2011-4293
2012-07-1610:28:37
CWE-264
redhat
web.nvd.nist.gov
23
4
moodle
theme implementation
access restrictions
cve-2011-4293
security vulnerability
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
AI Score
6.8
Confidence
Low
EPSS
0.006
Percentile
78.0%
The theme implementation in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 triggers duplicate caching of Cascading Style Sheets (CSS) and JavaScript content, which allows remote attackers to bypass intended access restrictions and write to an operating-system temporary directory via unspecified vectors.
Affected configurations
Node
moodlemoodleMatch2.0.0
ORmoodlemoodleMatch2.0.1
ORmoodlemoodleMatch2.0.2
ORmoodlemoodleMatch2.0.3
ORmoodlemoodleMatch2.1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| moodle | moodle | 2.0.0 | cpe:2.3:a:moodle:moodle:2.0.0:*:*:*:*:*:*:* |
| moodle | moodle | 2.0.1 | cpe:2.3:a:moodle:moodle:2.0.1:*:*:*:*:*:*:* |
| moodle | moodle | 2.0.2 | cpe:2.3:a:moodle:moodle:2.0.2:*:*:*:*:*:*:* |
| moodle | moodle | 2.0.3 | cpe:2.3:a:moodle:moodle:2.0.3:*:*:*:*:*:*:* |
| moodle | moodle | 2.1.0 | cpe:2.3:a:moodle:moodle:2.1.0:*:*:*:*:*:*:* |
References
Social References
More
Related
ubuntucve
ubuntucve
CVE-2011-4293
2012-07-16 00:00:00
osv
osv
github
github
prion
prion
Design/Logic Flaw
2012-07-16 10:28:00
cvelist
cvelist
CVE-2011-4293
2012-07-16 10:00:00
nvd
nvd
CVE-2011-4293
2012-07-16 10:28:37
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
AI Score
6.8
Confidence
Low
EPSS
0.006
Percentile
78.0%
Related for CVE-2011-4293