Oval Definition:	oval:com.ubuntu.precise:def:20147836000
Revision Date: 2014-11-24 Version: 1 Title: CVE-2014-7836 on Ubuntu 12.04 LTS (precise) - medium. Description: Multiple cross-site request forgery (CSRF) vulnerabilities in the LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allow remote attackers to hijack the authentication of arbitrary users for a (1) mod/lti/request_tool.php or (2) mod/lti/instructor_edit_tool_type.php request. Family: unix Class: vulnerability Status: Reference(s): CVE-2014-7836 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND The 'moodle' package in precise is affected and needs fixing.
BACK