CVE-2011-4586

NameCVE-2011-4586
DescriptionCRLF injection vulnerability in calendar/set.php in the Calendar subsystem in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-2421-1
NVD severitymedium (attack range: remote)
Debian Bugs652235

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
moodlesource(unstable)1.9.9.dfsg2-5medium652235
moodlesourcesqueeze1.9.9.dfsg2-2.1+squeeze3mediumDSA-2421-1

Search for package or bug name: Reporting problems