1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
Candidate: CVE-2012-0792
PublicDate: 2012-07-17
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0792
http://openwall.com/lists/oss-security/2012/01/20/22
Description:
mod/forum/user.php in Moodle 1.9.x before 1.9.16 allows remote
authenticated users to obtain the names and other details of arbitrary user
accounts by searching for posts.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
Patches_moodle:
upstream: http://git.moodle.org/gw?p=moodle.git;a=commitdiff;h=36b0ddeed45d0751508dcd9fa50f17fda43bae54
upstream_moodle: released (1.9.16)
hardy_moodle: ignored (reached end-of-life)
lucid_moodle: ignored (reached end-of-life)
maverick_moodle: ignored (reached end-of-life)
natty_moodle: ignored (reached end-of-life)
oneiric_moodle: ignored (reached end-of-life)
precise_moodle: not-affected (1.9.9.dfsg2-6)
quantal_moodle: not-affected (1.9.9.dfsg2-6)
raring_moodle: not-affected (1.9.9.dfsg2-6)
saucy_moodle: not-affected (1.9.9.dfsg2-6)
devel_moodle: not-affected (1.9.9.dfsg2-6)
|