CVE-2009-1171

Publication date 30 March 2009

Last updated 24 July 2024

Ubuntu priority

Low

Why this priority?

The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read arbitrary files via an input command in a ”$$” sequence, which causes LaTeX to include the contents of the file.

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
moodle 9.10 karmic
Fixed 1.9.4.dfsg-0ubuntu2
9.04 jaunty
Fixed 1.9.4.dfsg-0ubuntu1.1
8.10 intrepid
Fixed 1.8.2-1.2ubuntu2.1
8.04 LTS hardy
Fixed 1.8.2-1ubuntu4.2
7.10 gutsy Ignored end of life, was needed
6.06 LTS dapper Ignored end of life

References

Related Ubuntu Security Notices (USN)

    • USN-791-2
    • Moodle vulnerability
    • 24 June 2009
    • USN-791-1
    • Moodle vulnerabilities
    • 24 June 2009

Other references