CVE-2012-0793

Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows remote attackers to view the profile images of arbitrary user accounts via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 63%
VendorProductVersion
moodlemoodle
1.9.1
moodlemoodle
1.9.2
moodlemoodle
1.9.3
moodlemoodle
1.9.4
moodlemoodle
1.9.5
moodlemoodle
1.9.6
moodlemoodle
1.9.7
moodlemoodle
1.9.8
moodlemoodle
1.9.9
moodlemoodle
1.9.10
moodlemoodle
1.9.11
moodlemoodle
1.9.12
moodlemoodle
1.9.13
moodlemoodle
1.9.14
moodlemoodle
1.9.15
moodlemoodle
2.0.0
moodlemoodle
2.0.1
moodlemoodle
2.0.2
moodlemoodle
2.0.3
moodlemoodle
2.0.4
moodlemoodle
2.0.5
moodlemoodle
2.0.6
moodlemoodle
2.1.0
moodlemoodle
2.1.1
moodlemoodle
2.1.2
moodlemoodle
2.1.3
moodlemoodle
2.2.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
moodle
saucy
not-affected
raring
not-affected
quantal
not-affected
precise
not-affected
oneiric
ignored
natty
ignored
maverick
ignored
lucid
ignored
hardy
ignored
Common Weakness Enumeration
References
http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=90911c4ff98dc2078a3acef5ddf5a1a8f7e20ba5
http://moodle.org/mod/forum/discuss.php?d=194012
http://www.debian.org/security/2012/dsa-2421
https://bugzilla.redhat.com/show_bug.cgi?id=783532
http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=90911c4ff98dc2078a3acef5ddf5a1a8f7e20ba5
http://moodle.org/mod/forum/discuss.php?d=194012
http://www.debian.org/security/2012/dsa-2421
https://bugzilla.redhat.com/show_bug.cgi?id=783532