CVE-2012-1157

Published: Nov 14, 2019Modified: Nov 21, 2024

4.3

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

Moodle before 2.2.2 has a default repository capabilities issue where all repositories are viewable by all users by default

Affected (4)

Products: Moodle: Moodle · Fedoraproject: Fedora

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Moodle Moodle	Before 2.2.2

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 15
Fedoraproject Fedora	Version 16
Fedoraproject Fedora	Version 17

Related CWEs

CWE-276

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

References (18)

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html

Source: secalert@redhat.com

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html

Source: secalert@redhat.com

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html

Source: secalert@redhat.com

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html

Source: secalert@redhat.com

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html

Source: secalert@redhat.com

Third Party Advisory

https://access.redhat.com/security/cve/cve-2012-1157

Source: secalert@redhat.com

Broken Link

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1157

Source: secalert@redhat.com

Issue TrackingPatchThird Party Advisory

https://moodle.org/mod/forum/discuss.php?d=198624

Source: secalert@redhat.com

PatchVendor Advisory

https://security-tracker.debian.org/tracker/CVE-2012-1157

Source: secalert@redhat.com

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html