Oval Definition:oval:com.ubuntu.precise:def:20147838000
Revision Date:2014-11-24Version:1
Title:CVE-2014-7838 on Ubuntu 12.04 LTS (precise) - medium.
Description:Multiple cross-site request forgery (CSRF) vulnerabilities in the Forum module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allow remote attackers to hijack the authentication of arbitrary users for requests that set a tracking preference within (1) mod/forum/deprecatedlib.php, (2) mod/forum/forum.js, (3) mod/forum/index.php, or (4) mod/forum/lib.php.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2014-7838
Platform(s):Ubuntu 12.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 12.04 LTS (precise) is installed.
  • AND The 'moodle' package in precise is affected and needs fixing.
  • BACK