cve-2012-6112
Vulnerability from cvelistv5
Published
2013-01-27 22:00
Modified
2024-08-06 21:28
Severity ?
Summary
classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellchecker) addon before 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 and other products, does not properly handle control characters, which allows remote attackers to trigger arbitrary outbound HTTP requests via a crafted string.
References
secalert@redhat.comhttp://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37283
secalert@redhat.comhttp://openwall.com/lists/oss-security/2013/01/21/1
secalert@redhat.comhttp://www.tinymce.com/develop/changelog/?type=phpspell
secalert@redhat.comhttp://www.tinymce.com/forum/viewtopic.php?id=30036Vendor Advisory
secalert@redhat.comhttps://github.com/tinymce/tinymce_spellchecker_php/commit/22910187bfb9edae90c26e10100d8145b505b974
secalert@redhat.comhttps://moodle.org/mod/forum/discuss.php?d=220157
af854a3a-2127-422b-91ae-364da2661108http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37283
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2013/01/21/1
af854a3a-2127-422b-91ae-364da2661108http://www.tinymce.com/develop/changelog/?type=phpspell
af854a3a-2127-422b-91ae-364da2661108http://www.tinymce.com/forum/viewtopic.php?id=30036Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/tinymce/tinymce_spellchecker_php/commit/22910187bfb9edae90c26e10100d8145b505b974
af854a3a-2127-422b-91ae-364da2661108https://moodle.org/mod/forum/discuss.php?d=220157
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:28:38.908Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/tinymce/tinymce_spellchecker_php/commit/22910187bfb9edae90c26e10100d8145b505b974"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.tinymce.com/forum/viewtopic.php?id=30036"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-37283"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.tinymce.com/develop/changelog/?type=phpspell"
          },
          {
            "name": "[oss-security] 20130121 Moodle security notifications public",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2013/01/21/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://moodle.org/mod/forum/discuss.php?d=220157"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellchecker) addon before 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 and other products, does not properly handle control characters, which allows remote attackers to trigger arbitrary outbound HTTP requests via a crafted string."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-01-27T22:00:00Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/tinymce/tinymce_spellchecker_php/commit/22910187bfb9edae90c26e10100d8145b505b974"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.tinymce.com/forum/viewtopic.php?id=30036"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-37283"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.tinymce.com/develop/changelog/?type=phpspell"
        },
        {
          "name": "[oss-security] 20130121 Moodle security notifications public",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2013/01/21/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://moodle.org/mod/forum/discuss.php?d=220157"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-6112",
    "datePublished": "2013-01-27T22:00:00Z",
    "dateReserved": "2012-12-06T00:00:00Z",
    "dateUpdated": "2024-08-06T21:28:38.908Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tinymce:spellchecker_php:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6163C806-B28B-4773-BF84-53788BD113B2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tinymce:spellchecker_php:2.0:a1:*:*:*:*:*:*\", \"matchCriteriaId\": \"E81966C7-D128-4CFD-9A52-520D161779C7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tinymce:spellchecker_php:2.0:a2:*:*:*:*:*:*\", \"matchCriteriaId\": \"0273780B-6A60-41C5-BBDC-7094D83042D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tinymce:spellchecker_php:2.0:b1:*:*:*:*:*:*\", \"matchCriteriaId\": \"51351EF6-F5C0-48C6-B81C-EA68EB2AB985\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tinymce:spellchecker_php:2.0:b2:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE7F0375-A2D8-4F04-B5CE-DDEA09EC380A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tinymce:spellchecker_php:2.0:b3:*:*:*:*:*:*\", \"matchCriteriaId\": \"30DE507D-CDD1-40F2-870A-DC36C4A10CBD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tinymce:spellchecker_php:2.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"D919FBFE-DFCB-4A3D-A8E7-F1E79821808D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tinymce:spellchecker_php:2.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB502999-18F3-48FA-B01F-2A9C75573E89\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tinymce:spellchecker_php:2.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"35637126-0FE9-4916-8BFE-545618AD542C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tinymce:spellchecker_php:2.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1C08902-9E25-40FF-8D2D-A61E39E97F6A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tinymce:spellchecker_php:2.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DE98361-6EE0-44DB-8D29-29CEEAF59FFB\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:moodle:moodle:2.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"18C6F348-DAE9-4440-8B3A-8D92ADC6606F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:moodle:moodle:2.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"367537BF-CBDF-4CBB-91B4-6E5A567EF605\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:moodle:moodle:2.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DABBF325-C48A-4838-AC5D-0565C78976CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:moodle:moodle:2.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"02B72177-DFB0-4242-9ED6-068E5751579B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:moodle:moodle:2.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7226EE65-CC9F-4FDA-9791-3C8047D5C04C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:moodle:moodle:2.1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FDC55ECE-8185-4FC0-A4C9-14AABD136650\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:moodle:moodle:2.1.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ADFDE1FC-992E-4610-A62D-282B448402AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:moodle:moodle:2.1.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8E8EA8F6-D689-4726-9B02-0C555EFF56AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:moodle:moodle:2.1.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"633480C9-D415-4BF9-9185-547EAB7ADBE2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:moodle:moodle:2.1.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4994E7C-196E-4EDC-B192-836AB3C8731B\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:moodle:moodle:2.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"15A73CE2-73DA-4274-89E0-DD9A413ED17F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:moodle:moodle:2.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39075F6E-2925-4897-B1DE-C86A066DF54B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:moodle:moodle:2.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"179DBC2B-B35F-4A19-B522-DF996D5E13E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:moodle:moodle:2.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA527724-B44E-46B6-BA53-A83B012EA376\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:moodle:moodle:2.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"31A8CAEA-CCCF-4678-B61E-0FFE439890DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:moodle:moodle:2.2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C22E1EB-57DA-4E3C-BF38-29E2F50AEBF2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:moodle:moodle:2.2.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"25F99A03-DD94-4380-8E6B-C95D3A57D6EF\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:moodle:moodle:2.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFD575CF-2AF2-443F-841D-F7E25FBD455A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:moodle:moodle:2.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC2A1954-E30F-40EC-BA59-40D29573E7D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:moodle:moodle:2.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"25EA194F-BE9D-49A8-AA35-FC7810C06643\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:moodle:moodle:2.3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C3888D8-8219-4DE4-8E6C-84F58AFD3B15\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:moodle:moodle:2.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8E52813-E056-4A5C-8BF5-4DD5EF5BF041\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellchecker) addon before 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 and other products, does not properly handle control characters, which allows remote attackers to trigger arbitrary outbound HTTP requests via a crafted string.\"}, {\"lang\": \"es\", \"value\": \"classes/GoogleSpell.php en PHP Spellchecker (tambi\\u00e9n conocido como Google Spellchecker) complemento anterior a v2.0.6.1 para TinyMCE, tambi\\u00e9n usado en Moodle v2.1.x anterior a v2.1.10, v2.2.x anterior a v2.2.7, v2.3.x anterior a v2.3.4, y 2.4.x anterior a v2.4.1 y otros productos, no maneja adecuadamente los caracteres de control, lo que permite a atacantes remotos ejecutar peticiones arbitrarias HTTP fuera de l\\u00edmite, a trav\\u00e9s de cadenas modificadas.\"}]",
      "id": "CVE-2012-6112",
      "lastModified": "2024-11-21T01:45:50.903",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2013-01-27T22:55:04.320",
      "references": "[{\"url\": \"http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-37283\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2013/01/21/1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.tinymce.com/develop/changelog/?type=phpspell\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.tinymce.com/forum/viewtopic.php?id=30036\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://github.com/tinymce/tinymce_spellchecker_php/commit/22910187bfb9edae90c26e10100d8145b505b974\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://moodle.org/mod/forum/discuss.php?d=220157\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-37283\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2013/01/21/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.tinymce.com/develop/changelog/?type=phpspell\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.tinymce.com/forum/viewtopic.php?id=30036\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://github.com/tinymce/tinymce_spellchecker_php/commit/22910187bfb9edae90c26e10100d8145b505b974\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://moodle.org/mod/forum/discuss.php?d=220157\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2012-6112\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2013-01-27T22:55:04.320\",\"lastModified\":\"2024-11-21T01:45:50.903\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellchecker) addon before 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 and other products, does not properly handle control characters, which allows remote attackers to trigger arbitrary outbound HTTP requests via a crafted string.\"},{\"lang\":\"es\",\"value\":\"classes/GoogleSpell.php en PHP Spellchecker (tambi\u00e9n conocido como Google Spellchecker) complemento anterior a v2.0.6.1 para TinyMCE, tambi\u00e9n usado en Moodle v2.1.x anterior a v2.1.10, v2.2.x anterior a v2.2.7, v2.3.x anterior a v2.3.4, y 2.4.x anterior a v2.4.1 y otros productos, no maneja adecuadamente los caracteres de control, lo que permite a atacantes remotos ejecutar peticiones arbitrarias HTTP fuera de l\u00edmite, a trav\u00e9s de cadenas modificadas.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tinymce:spellchecker_php:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6163C806-B28B-4773-BF84-53788BD113B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tinymce:spellchecker_php:2.0:a1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E81966C7-D128-4CFD-9A52-520D161779C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tinymce:spellchecker_php:2.0:a2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0273780B-6A60-41C5-BBDC-7094D83042D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tinymce:spellchecker_php:2.0:b1:*:*:*:*:*:*\",\"matchCriteriaId\":\"51351EF6-F5C0-48C6-B81C-EA68EB2AB985\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tinymce:spellchecker_php:2.0:b2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE7F0375-A2D8-4F04-B5CE-DDEA09EC380A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tinymce:spellchecker_php:2.0:b3:*:*:*:*:*:*\",\"matchCriteriaId\":\"30DE507D-CDD1-40F2-870A-DC36C4A10CBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tinymce:spellchecker_php:2.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D919FBFE-DFCB-4A3D-A8E7-F1E79821808D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tinymce:spellchecker_php:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB502999-18F3-48FA-B01F-2A9C75573E89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tinymce:spellchecker_php:2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35637126-0FE9-4916-8BFE-545618AD542C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tinymce:spellchecker_php:2.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1C08902-9E25-40FF-8D2D-A61E39E97F6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tinymce:spellchecker_php:2.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DE98361-6EE0-44DB-8D29-29CEEAF59FFB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18C6F348-DAE9-4440-8B3A-8D92ADC6606F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"367537BF-CBDF-4CBB-91B4-6E5A567EF605\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DABBF325-C48A-4838-AC5D-0565C78976CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02B72177-DFB0-4242-9ED6-068E5751579B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7226EE65-CC9F-4FDA-9791-3C8047D5C04C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDC55ECE-8185-4FC0-A4C9-14AABD136650\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADFDE1FC-992E-4610-A62D-282B448402AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E8EA8F6-D689-4726-9B02-0C555EFF56AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.1.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"633480C9-D415-4BF9-9185-547EAB7ADBE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4994E7C-196E-4EDC-B192-836AB3C8731B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15A73CE2-73DA-4274-89E0-DD9A413ED17F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39075F6E-2925-4897-B1DE-C86A066DF54B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"179DBC2B-B35F-4A19-B522-DF996D5E13E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA527724-B44E-46B6-BA53-A83B012EA376\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31A8CAEA-CCCF-4678-B61E-0FFE439890DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C22E1EB-57DA-4E3C-BF38-29E2F50AEBF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25F99A03-DD94-4380-8E6B-C95D3A57D6EF\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFD575CF-2AF2-443F-841D-F7E25FBD455A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC2A1954-E30F-40EC-BA59-40D29573E7D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25EA194F-BE9D-49A8-AA35-FC7810C06643\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C3888D8-8219-4DE4-8E6C-84F58AFD3B15\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:moodle:moodle:2.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8E52813-E056-4A5C-8BF5-4DD5EF5BF041\"}]}]}],\"references\":[{\"url\":\"http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-37283\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2013/01/21/1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.tinymce.com/develop/changelog/?type=phpspell\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.tinymce.com/forum/viewtopic.php?id=30036\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/tinymce/tinymce_spellchecker_php/commit/22910187bfb9edae90c26e10100d8145b505b974\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://moodle.org/mod/forum/discuss.php?d=220157\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-37283\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2013/01/21/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.tinymce.com/develop/changelog/?type=phpspell\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.tinymce.com/forum/viewtopic.php?id=30036\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/tinymce/tinymce_spellchecker_php/commit/22910187bfb9edae90c26e10100d8145b505b974\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://moodle.org/mod/forum/discuss.php?d=220157\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.