CVE-2009-4299

NameCVE-2009-4299
Descriptionmod/glossary/showentry.php in the Glossary module for Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not properly perform access control, which allows attackers to read unauthorized Glossary entries via unknown vectors.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1986-1
NVD severitymedium (attack range: remote)
Debian Bugs559531

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
moodlesource(unstable)1.8.2.dfsg-6medium559531
moodlesourcelenny1.8.2.dfsg-3+lenny3mediumDSA-1986-1

Notes

MSA-09-0024

Search for package or bug name: Reporting problems