CVE-2009-1171
Last modified
CVE-2009-1171 is a vulnerability of currently unknown severity. The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read arbitrary files via an input command in a "$$" sequence, which causes LaTeX to include the contents of the file.. EPSS estimates a 6.24% chance of exploitation in the next 30 days.
Description
The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read arbitrary files via an input command in a "$$" sequence, which causes LaTeX to include the contents of the file.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Moodle | Moodle | 1.6.0 |
| Moodle | Moodle | 1.6.1 |
| Moodle | Moodle | 1.6.2 |
| Moodle | Moodle | 1.6.3 |
| Moodle | Moodle | 1.6.4 |
| Moodle | Moodle | 1.6.5 |
| Moodle | Moodle | 1.6.6 |
| Moodle | Moodle | 1.6.7 |
| Moodle | Moodle | 1.6.8 |
| Moodle | Moodle | 1.7.1 |
| Moodle | Moodle | 1.7.2 |
| Moodle | Moodle | 1.7.3 |
| Moodle | Moodle | 1.7.4 |
| Moodle | Moodle | 1.7.5 |
| Moodle | Moodle | 1.7.6 |
| Moodle | Moodle | 1.8.1 |
| Moodle | Moodle | 1.8.2 |
| Moodle | Moodle | 1.8.3 |
| Moodle | Moodle | 1.8.4 |
| Moodle | Moodle | 1.8.5 |
| Moodle | Moodle | 1.8.6 |
| Moodle | Moodle | 1.8.7 |
| Moodle | Moodle | 1.8.8 |
| Moodle | Moodle | 1.9.1 |
| Moodle | Moodle | 1.9.2 |
| Moodle | Moodle | 1.9.3 |
| Moodle | Moodle | 1.9.4 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2009-1171?
How severe is CVE-2009-1171?
How do I fix CVE-2009-1171?
Are you affected by CVE-2009-1171?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST