Lucene search

Ubuntu.comUB:CVE-2006-4942

HistorySep 23, 2006 - 12:00 a.m.

CVE-2006-4942

2006-09-2300:00:00

ubuntu.com

CVSS2

4.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:S/C:P/I:P/A:P

EPSS

0.002

Percentile

58.7%

JSON

Moodle before 1.6.2, when the configuration lacks (1) algebra or (2) tex
filters, allows remote authenticated users to write LaTeX or MimeTeX output
files to the top level of the dataroot directory via (a)
filter/algebra/pix.php or (b) filter/tex/pix.php.

References

launchpad.net/bugs/cve/CVE-2006-4942

nvd.nist.gov/vuln/detail/CVE-2006-4942

security-tracker.debian.org/tracker/CVE-2006-4942

www.cve.org/CVERecord?id=CVE-2006-4942

CVSS2

4.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:S/C:P/I:P/A:P

EPSS

0.002

Percentile

58.7%

JSON

Related for UB:CVE-2006-4942