CVE-2012-6112

NONECVSS 0.0

0.0

classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellchecker) addon before 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 and other products, does not properly handle control characters, which allows remote attackers to trigger arbitrary outbound HTTP requests via a crafted string.

🔗 References (12)

secalert@redhathttp://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37283
secalert@redhathttp://openwall.com/lists/oss-security/2013/01/21/1
secalert@redhathttp://www.tinymce.com/develop/changelog/?type=phpspell
secalert@redhathttp://www.tinymce.com/forum/viewtopic.php?id=30036
secalert@redhathttps://github.com/tinymce/tinymce_spellchecker_php/commit/22910187bfb9edae90c26e10100d8145b505b974
secalert@redhathttps://moodle.org/mod/forum/discuss.php?d=220157
af854a3a-2127-422b-91ae-364da2661108http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37283
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2013/01/21/1
af854a3a-2127-422b-91ae-364da2661108http://www.tinymce.com/develop/changelog/?type=phpspell
af854a3a-2127-422b-91ae-364da2661108http://www.tinymce.com/forum/viewtopic.php?id=30036
af854a3a-2127-422b-91ae-364da2661108https://github.com/tinymce/tinymce_spellchecker_php/commit/22910187bfb9edae90c26e10100d8145b505b974
af854a3a-2127-422b-91ae-364da2661108https://moodle.org/mod/forum/discuss.php?d=220157

Is Your Infrastructure Affected by CVE-2012-6112?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2012-6112

📅 Published

🔄 Last Modified

🔗 References (12)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2012-6112?