Candidate: CVE-2011-4301
PublicDate: 2012-07-11 10:26:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4301
Description:
 The MoodleQuickForm class in the Forms Library in lib/formslib.php in
 Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2 does
 not recognize Forms API setConstant operations, which allows remote
 attackers to submit unexpected form content by modifying the values of
 constant fields.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_moodle:
upstream_moodle: needs-triage
hardy_moodle: ignored (reached end-of-life)
lucid_moodle: ignored (reached end-of-life)
maverick_moodle: ignored (reached end-of-life)
natty_moodle: ignored (reached end-of-life)
oneiric_moodle: ignored (reached end-of-life)
precise_moodle: not-affected (1.9.9.dfsg2-4)
quantal_moodle: not-affected (1.9.9.dfsg2-4)
raring_moodle: not-affected (1.9.9.dfsg2-4)
saucy_moodle: not-affected (1.9.9.dfsg2-4)
devel_moodle: not-affected (1.9.9.dfsg2-4)