| Name | CVE-2012-6112 |
| Description | classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellchecker) addon before 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 and other products, does not properly handle control characters, which allows remote attackers to trigger arbitrary outbound HTTP requests via a crafted string. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
| Debian Bugs | 701667, 702387 |
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|---|---|---|
| tinymce (PTS) | buster | 3.4.8+dfsg0-2 | fixed |
| wordpress (PTS) | buster | 5.0.15+dfsg1-0+deb10u1 | fixed |
| buster (security) | 5.0.21+dfsg1-0+deb10u1 | fixed | |
| bullseye (security), bullseye | 5.7.8+dfsg1-0+deb11u2 | fixed | |
| bookworm | 6.1.1+dfsg1-1 | fixed | |
| trixie | 6.5+dfsg1-1 | fixed | |
| sid | 6.5.2+dfsg1-1 | fixed |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| moodle | source | squeeze | (not affected) | |||
| moodle | source | wheezy | 2.2.3.dfsg-2.6~wheezy2 | |||
| moodle | source | (unstable) | 2.5-1 | 702387 | ||
| tinymce | source | (unstable) | (not affected) | |||
| wordpress | source | squeeze | 3.5.2+dfsg-1~deb6u1 | 701667 | ||
| wordpress | source | wheezy | 3.5.2+dfsg-1~deb7u1 | 701667 | ||
| wordpress | source | (unstable) | 3.5.1+dfsg-2 |
- tinymce <not-affected> (TinyMCE Google spellchecker plugin)
[squeeze] - moodle <not-affected> (Only affects 2.1 and above)
http://www.tinymce.com/develop/changelog/?type=phpspell
patch: https://github.com/tinymce/tinymce_spellchecker_php/commit/22910187bfb9edae90c26e10100d8145b505b974
http://www.tinymce.com/forum/viewtopic.php?id=30036