Candidate: CVE-2014-3541
PublicDate: 2014-07-29 11:10:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3541
 http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45616
 http://seclists.org/oss-sec/2014/q3/194
Description:
 The Repositories component in Moodle through 2.3.11, 2.4.x before 2.4.11,
 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows
 remote attackers to conduct PHP object injection attacks and execute
 arbitrary code via serialized data associated with an add-on.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by: Robin Bailey
Assigned-to:
CVSS: 

Patches_moodle:
upstream_moodle: released (2.7.1, 2.6.4, 2.5.7 and 2.4.11)
lucid_moodle: ignored (reached end-of-life)
precise_moodle: ignored (reached end-of-life)
precise/esm_moodle: DNE (precise was needed)
trusty_moodle: ignored (reached end-of-life)
trusty/esm_moodle: DNE (trusty was needed)
utopic_moodle: ignored (reached end-of-life)
vivid_moodle: ignored (reached end-of-life)
vivid/stable-phone-overlay_moodle: DNE
vivid/ubuntu-core_moodle: DNE
wily_moodle: ignored (reached end-of-life)
xenial_moodle: not-affected (2.7.5+dfsg-1)
yakkety_moodle: ignored (reached end-of-life)
zesty_moodle: ignored (reached end-of-life)
artful_moodle: ignored (reached end-of-life)
bionic_moodle: not-affected (2.7.5+dfsg-1)
cosmic_moodle: not-affected (2.7.5+dfsg-1)
disco_moodle: not-affected (2.7.5+dfsg-1)
devel_moodle: not-affected (2.7.5+dfsg-1)