Oval Definition:	oval:com.ubuntu.trusty:def:20147836000
Revision Date: 2014-11-24 Version: 1 Title: CVE-2014-7836 on Ubuntu 14.04 LTS (trusty) - medium. Description: Multiple cross-site request forgery (CSRF) vulnerabilities in the LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allow remote attackers to hijack the authentication of arbitrary users for a (1) mod/lti/request_tool.php or (2) mod/lti/instructor_edit_tool_type.php request. Family: unix Class: vulnerability Status: Reference(s): CVE-2014-7836 Platform(s): Ubuntu 14.04 LTS Product(s): Definition Synopsis Ubuntu 14.04 LTS (trusty) is installed. AND The 'moodle' package in trusty is affected and needs fixing.
BACK