Candidate: CVE-2015-5341
PublicDate: 2016-02-22 05:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5341
 https://moodle.org/mod/forum/discuss.php?d=323236#p1297707
Description:
 mod_scorm in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before
 2.8.9, and 2.9.x before 2.9.3 mishandles availability dates, which allows
 remote authenticated users to bypass intended access restrictions and read
 SCORM contents via unspecified vectors.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by: Juan Leyva
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N [4.3 MEDIUM]

Patches_moodle:
upstream_moodle: released (2.7.11+dfsg-1, 2.9.3, 2.8.9 and 2.7.11)
precise_moodle: ignored (reached end-of-life)
precise/esm_moodle: DNE (precise was needed)
trusty_moodle: ignored (reached end-of-life)
trusty/esm_moodle: DNE (trusty was needed)
vivid_moodle: ignored (reached end-of-life)
vivid/stable-phone-overlay_moodle: DNE
vivid/ubuntu-core_moodle: DNE
wily_moodle: ignored (reached end-of-life)
xenial_moodle: not-affected (2.7.11+dfsg-2)
yakkety_moodle: not-affected (2.7.11+dfsg-2)
zesty_moodle: not-affected (2.7.11+dfsg-2)
artful_moodle: not-affected (2.7.11+dfsg-2)
bionic_moodle: not-affected (2.7.11+dfsg-2)
cosmic_moodle: not-affected (2.7.11+dfsg-2)
disco_moodle: not-affected (2.7.11+dfsg-2)
devel_moodle: not-affected (2.7.11+dfsg-2)