mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-12-15 12:22:09 +00:00
85 lines
2.4 KiB
JSON
85 lines
2.4 KiB
JSON
{
|
|
"CVE_data_meta" : {
|
|
"ASSIGNER" : "cve@mitre.org",
|
|
"ID" : "CVE-2009-4298",
|
|
"STATE" : "PUBLIC"
|
|
},
|
|
"affects" : {
|
|
"vendor" : {
|
|
"vendor_data" : [
|
|
{
|
|
"product" : {
|
|
"product_data" : [
|
|
{
|
|
"product_name" : "n/a",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format" : "MITRE",
|
|
"data_type" : "CVE",
|
|
"data_version" : "4.0",
|
|
"description" : {
|
|
"description_data" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "The LAMS module (mod/lams) for Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 stores the (1) username, (2) firstname, and (3) lastname fields within the user table, which allows attackers to obtain user account information via unknown vectors."
|
|
}
|
|
]
|
|
},
|
|
"problemtype" : {
|
|
"problemtype_data" : [
|
|
{
|
|
"description" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references" : {
|
|
"reference_data" : [
|
|
{
|
|
"url" : "http://docs.moodle.org/en/Moodle_1.8.11_release_notes"
|
|
},
|
|
{
|
|
"url" : "http://docs.moodle.org/en/Moodle_1.9.7_release_notes"
|
|
},
|
|
{
|
|
"url" : "http://moodle.org/mod/forum/discuss.php?d=139102"
|
|
},
|
|
{
|
|
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00704.html"
|
|
},
|
|
{
|
|
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00730.html"
|
|
},
|
|
{
|
|
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00751.html"
|
|
},
|
|
{
|
|
"url" : "http://www.securityfocus.com/bid/37244"
|
|
},
|
|
{
|
|
"url" : "http://secunia.com/advisories/37614"
|
|
},
|
|
{
|
|
"url" : "http://www.vupen.com/english/advisories/2009/3455"
|
|
}
|
|
]
|
|
}
|
|
}
|