| Title | Moodle およびその他の製品で使用される PHPMailer library における任意の電子メールヘッダーを挿入される脆弱性 |
|---|---|
| Summary | Moodle およびその他の製品使用される PHPMailer library の class.phpmailer.php には、任意の電子メールヘッダーを挿入される脆弱性が存在します。 |
| Possible impacts | リモート認証されたユーザにより、任意の電子メールヘッダーを挿入される可能性があります。 |
| Solution | ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。 |
| Publication Date | Jan. 17, 2012, midnight |
| Registration Date | July 18, 2012, 6:35 p.m. |
| Last Update | July 18, 2012, 6:35 p.m. |
| CVSS2.0 : 警告 | |
| Score | 4 |
|---|---|
| Vector | AV:N/AC:L/Au:S/C:N/I:P/A:N |
| Moodle |
| Moodle 1.9.16 未満の 1.9.x |
| Moodle 2.0.7 未満の 2.0.x |
| Moodle 2.1.4 未満の 2.1.x |
| Moodle 2.2.1 未満の 2.2.x |
| No | Changed Details | Date of change |
|---|---|---|
| 0 | [2012年07月18日] 掲載 |
Feb. 17, 2018, 10:37 a.m. |
| Summary | class.phpmailer.php in the PHPMailer library, as used in Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 and other products, allows remote authenticated users to inject arbitrary e-mail headers via vectors involving a crafted (1) From: or (2) Sender: header. |
|---|---|
| Publication Date | July 17, 2012, 7:20 p.m. |
| Registration Date | Jan. 28, 2021, 2:54 p.m. |
| Last Update | Nov. 21, 2024, 10:35 a.m. |
| Configuration1 | or higher | or less | more than | less than | |
| cpe:2.3:a:moodle:moodle:1.9.4:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:moodle:moodle:1.9.6:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:moodle:moodle:1.9.9:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:moodle:moodle:1.9.11:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:moodle:moodle:1.9.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:moodle:moodle:1.9.12:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:moodle:moodle:1.9.10:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:moodle:moodle:1.9.3:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:moodle:moodle:1.9.13:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:moodle:moodle:1.9.5:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:moodle:moodle:1.9.14:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:moodle:moodle:1.9.15:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:moodle:moodle:1.9.8:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:moodle:moodle:1.9.7:*:*:*:*:*:*:* | |||||
| Configuration2 | or higher | or less | more than | less than | |
| cpe:2.3:a:moodle:moodle:2.0.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:moodle:moodle:2.0.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:moodle:moodle:2.0.4:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:moodle:moodle:2.0.3:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:moodle:moodle:2.0.6:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:moodle:moodle:2.0.5:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:moodle:moodle:2.0.0:*:*:*:*:*:*:* | |||||
| Configuration3 | or higher | or less | more than | less than | |
| cpe:2.3:a:moodle:moodle:2.1.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:moodle:moodle:2.1.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:moodle:moodle:2.1.3:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:moodle:moodle:2.1.0:*:*:*:*:*:*:* | |||||
| Configuration4 | or higher | or less | more than | less than | |
| cpe:2.3:a:moodle:moodle:2.2.0:*:*:*:*:*:*:* | |||||