ID CVE-2011-4586
Summary CRLF injection vulnerability in calendar/set.php in the Calendar subsystem in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
References
Vulnerable Configurations
  • cpe:2.3:a:moodle:moodle:2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:1.9.4:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:1.9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:1.9.6:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:1.9.6:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:1.9.9:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:1.9.9:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:1.9.11:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:1.9.11:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:2.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:2.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:2.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:2.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:1.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:1.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:1.9.12:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:1.9.12:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:1.9.10:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:1.9.10:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:2.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:2.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:2.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:2.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:1.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:1.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:2.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:2.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:1.9.13:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:1.9.13:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:1.9.5:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:1.9.5:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:1.9.14:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:1.9.14:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:1.9.8:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:1.9.8:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:1.9.7:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:1.9.7:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:2.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:moodle:moodle:2.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:moodle:moodle:2.1.0:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 13-02-2023 - 01:21)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:P/A:N
refmap via4
confirm
debian DSA-2421
Last major update 13-02-2023 - 01:21
Published 20-07-2012 - 10:40
Last modified 13-02-2023 - 01:21
Back to Top