mod/glossary/showentry.php in the Glossary module for Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not properly perform access control, which allows attackers to read unauthorized Glossary entries via unknown vectors.
docs.moodle.org/en/Moodle_1.8.11_release_notes
docs.moodle.org/en/Moodle_1.9.7_release_notes
moodle.org/mod/forum/discuss.php?d=139103
secunia.com/advisories/37614
www.securityfocus.com/bid/37244
www.vupen.com/english/advisories/2009/3455
www.redhat.com/archives/fedora-package-announce/2009-December/msg00704.html
www.redhat.com/archives/fedora-package-announce/2009-December/msg00730.html
www.redhat.com/archives/fedora-package-announce/2009-December/msg00751.html