[Bug 206516] New: CVE-2006-4784, CVE-2006-4785, CVE-2006-4786: moodle multiple vulnerabilities

bugzilla at redhat.com bugzilla at redhat.com
Thu Sep 14 19:53:43 UTC 2006 

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.




https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=206516

           Summary: CVE-2006-4784, CVE-2006-4785, CVE-2006-4786: moodle
                    multiple vulnerabilities
           Product: Fedora Extras
           Version: fc5
          Platform: All
        OS/Version: Linux
            Status: NEW
          Severity: high
          Priority: normal
         Component: moodle
        AssignedTo: imlinux at gmail.com
        ReportedBy: ville.skytta at iki.fi
         QAContact: extras-qa at fedoraproject.org
                CC: extras-qa at fedoraproject.org,fedora-security-
                    list at redhat.com


Moodle 1.6.1 and earlier are reportedly vulnerable to:
- cross site scripting (CVE-2006-4784)
- SQL injection (CVE-2006-4785)
- sensitive information disclosure (CVE-2006-4786)

FE-4, FE-5 and devel apparently affected.

-- 
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

More information about the Fedora-security-list mailing list