Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2009-1171

EPSS 9.25% · P93
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2009-1171

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read arbitrary files via an input command in a "$$" sequence, which causes LaTeX to include the contents of the file.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Moodle 输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Moodle是一套免费、开源的电子学习软件平台,也称课程管理系统、学习管理系统或虚拟学习环境。 Moodle 1.6.9+之前的1.6版本,1.7.7+之前的1.7版本,1.8.9之前的1.8版本和1.9.5之前的1.9版本中的Tex过滤器允许用户协助式攻击者借助"$$"序列中的一个输入指令,读取任意文件。这会导致LaTeX包含该文件的内容。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2009-1171

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2009-1171

登录查看更多情报信息。

Same Patch Batch · n/a · 2009-03-30 · 28 CVEs total

CVE-2008-6537LightNEasy 'LightNEasy/lightneasy.php'信息泄露漏洞
CVE-2008-6550Davidbourrier Glossaire 'glossaire.php'跨站脚本攻击漏洞
CVE-2008-6549MoinMoin 'config/multiconfig.py'拒绝服务攻击漏洞
CVE-2008-6548MoinMoin 'parser/text_rst.py'访问控制授权漏洞
CVE-2008-6547FormEncode 'schema.py' 安全绕过漏洞
CVE-2008-6546alecwh phpns 未明漏洞
CVE-2008-6545Comscripts Web Server Creator 'createdb.php'远程文件包含漏洞
CVE-2008-6544Simple Machines Forum 'Sources/Subs-Graphics.php和Sources/Themes.php'远程文件漏洞
CVE-2008-6543Comscripts Quick Classifieds 'DOCUMENT_ROOT'多个远程文件包含漏洞
CVE-2008-6542DotNetNuke 皮肤管理器远程漏洞
CVE-2008-6541DotNetNuke 文件管理模块远程文件上传访问控制漏洞
CVE-2008-6540DotNetNuke 默认'ValidationKey'和 'DecriptionKey' 弱加密漏洞
CVE-2008-6539Holger_Schurig Destar Add User静态代码注入漏洞
CVE-2008-6538Holger_Schurig Destar 'config/add/CfgOptUser'请求访问控制漏洞
CVE-2008-6554Aztech ADSL2/2+ 4端口路由器 远程指令注入漏洞
CVE-2008-65367-Zip 未明缓冲储存器处理漏洞
CVE-2007-6721Bouncycastle OpenSSL畸形ASN.1结构处理拒绝服务漏洞
CVE-2009-1170OpenSolaris Module Debugger Process Cross Zone 本地特权升级漏洞
CVE-2009-0115Device Mapper Device Mapper多路径驱动程序权限许可和访问控制漏洞
CVE-2008-6553Impliedbydesign Micro CMS 'microcms-admin-home.php'安全绕过漏洞

Showing top 20 of 28 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2009-1171

No comments yet

Leave a comment