Lucene search
HistorySep 19, 2012 - 10:57 a.m.
CVE-2012-4403
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.003
Percentile
70.5%
theme/yui_combo.php in Moodle 2.3.x before 2.3.2 does not properly construct error responses for the drag-and-drop script, which allows remote attackers to obtain the installation path by sending a request for a nonexistent resource and then reading the response.
Affected configurations
Node
moodlemoodleMatch2.3.0
ORmoodlemoodleMatch2.3.1
Related
ubuntucve
ubuntucve
CVE-2012-4403
2012-09-19 00:00:00
cve
cve
CVE-2012-4403
2012-09-19 10:57:07
prion
prion
Design/Logic Flaw
2012-09-19 10:57:00
cvelist
cvelist
CVE-2012-4403
2012-09-19 10:00:00
veracode
veracode
Information Disclosure
2017-06-23 03:04:50
openvas
openvas
Fedora Update for moodle FEDORA-2012-14295
2012-10-03 00:00:00
Fedora Update for moodle FEDORA-2012-14295
2012-10-03 00:00:00
Fedora Update for moodle FEDORA-2012-14348
2012-10-03 00:00:00
nessus
nessus
Fedora 16 : moodle-2.1.8-1.fc16 (2012-14295)
2012-09-27 00:00:00
Moodle 2.3.x < 2.3.2 Multiple Vulnerabilities
2016-07-21 00:00:00
Fedora 17 : moodle-2.2.5-1.fc17 (2012-14348)
2012-09-27 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: moodle-2.2.5-1.fc17
2012-09-27 04:28:10
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.003
Percentile
70.5%
Related for NVD:CVE-2012-4403