CVE-2016-5013
Vulnerability from cvelistv5
Published
2017-01-20 08:39
Modified
2024-08-06 00:46
Severity ?
EPSS score ?
Summary
In Moodle 2.x and 3.x, text injection can occur in email headers, potentially leading to outbound spam.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/92040 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://moodle.org/mod/forum/discuss.php?d=336698 | Mitigation, Patch, Vendor Advisory |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.198Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=336698"
},
{
"name": "92040",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92040"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-01-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Moodle 2.x and 3.x, text injection can occur in email headers, potentially leading to outbound spam."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-20T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=336698"
},
{
"name": "92040",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92040"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5013",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Moodle 2.x and 3.x, text injection can occur in email headers, potentially leading to outbound spam."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://moodle.org/mod/forum/discuss.php?d=336698",
"refsource": "CONFIRM",
"url": "https://moodle.org/mod/forum/discuss.php?d=336698"
},
{
"name": "92040",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92040"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-5013",
"datePublished": "2017-01-20T08:39:00",
"dateReserved": "2016-05-24T00:00:00",
"dateUpdated": "2024-08-06T00:46:40.198Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2016-5013\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-01-20T08:59:00.220\",\"lastModified\":\"2020-12-01T14:54:51.107\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Moodle 2.x and 3.x, text injection can occur in email headers, potentially leading to outbound spam.\"},{\"lang\":\"es\",\"value\":\"En Moodle 2.x y 3.x, puede ocurrir inyecci\u00f3n de texto en las cabeceras de email, conduciendo potencialmente a salida de spam.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":2.8,\"impactScore\":2.5}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.8},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-74\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.7.14\",\"matchCriteriaId\":\"395C67C8-C6B4-4490-96B4-9004EC02FCD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12737AF4-B2D5-4661-B06A-6A06FE95EC2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88C59A94-D225-478A-B23E-41C4324BC643\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"192EA69B-A1E1-4E0D-8E73-76EB74CCDE49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.8.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D88385B1-EEFB-4825-BD8F-215C39FD86DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3BE2782-D167-4237-B57D-2E4C04571524\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.8.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F277F979-12FA-47A5-B0A5-D174C2127A7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.8.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38498617-8E45-4E73-AE9F-C7A0D18FDE47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.8.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9047769-BFF4-42DB-8B19-F6D16FA910A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.8.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73A75ACE-FED2-4830-B259-744ABF25463E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.8.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F04EBA18-DFFF-4529-B647-98191325663B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.8.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3A746AB-5D58-4196-962A-D22454C3550B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.8.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B549AD98-4DC5-4BE8-B3E0-3EEF1833E6D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.8.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F030E8C-0C49-41DC-9D40-A704A563C156\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9224D94-1C48-468C-A39B-B2694ED178F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C7EE9AD-E122-4288-9416-6D8F8790D75D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4FC2CC1-787B-480F-BC41-538CE2507CB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"098BADF2-C1D3-406E-9E79-E25483178C99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"611B027A-38D6-445E-BFA9-FA68524147DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.9.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5654B446-F7A5-49D4-90D9-478C18220A32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.9.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E7CA637-D1BF-437D-8AD9-A21AE97E8681\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C22EB95-6D8F-45F8-A000-795E259CF06D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:3.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65FE0DC7-131E-4ED1-9CFF-70C79995A0B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:3.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80B3EEF9-F300-461F-9407-0FFB3E3CD421\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:3.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C702CFE-417E-45E2-94DD-07A9DADDA89E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:3.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D6DBB2B-5DAF-452F-9336-F8AB5825F638\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:3.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0033EC68-98DB-42E6-A256-EFA05F6EC72E\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/92040\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://moodle.org/mod/forum/discuss.php?d=336698\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.