ByteOS Network

NVD Vulnerability Details :

CVE-2009-4299

Modified

Source-cve@mitre.org

Published At-16 Dec, 2009 | 01:30

Updated At-23 Apr, 2026 | 00:35

mod/glossary/showentry.php in the Glossary module for Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not properly perform access control, which allows attackers to read unauthorized Glossary entries via unknown vectors.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N

Type: Primary

Version: 2.0

Base score: 5.0

Base severity: MEDIUM

Vector:

AV:N/AC:L/Au:N/C:P/I:N/A:N

CPE Matches

Moodle Pty Ltd

>>moodle>>1.8.1

cpe:2.3:a:moodle:moodle:1.8.1:*:*:*:*:*:*:*

Moodle Pty Ltd

>>moodle>>1.8.2

cpe:2.3:a:moodle:moodle:1.8.2:*:*:*:*:*:*:*

Moodle Pty Ltd

>>moodle>>1.8.3

cpe:2.3:a:moodle:moodle:1.8.3:*:*:*:*:*:*:*

Moodle Pty Ltd

>>moodle>>1.8.4

cpe:2.3:a:moodle:moodle:1.8.4:*:*:*:*:*:*:*

Moodle Pty Ltd

>>moodle>>1.8.5

cpe:2.3:a:moodle:moodle:1.8.5:*:*:*:*:*:*:*

Moodle Pty Ltd

>>moodle>>1.8.7

cpe:2.3:a:moodle:moodle:1.8.7:*:*:*:*:*:*:*

Moodle Pty Ltd

>>moodle>>1.8.8

cpe:2.3:a:moodle:moodle:1.8.8:*:*:*:*:*:*:*

Moodle Pty Ltd

>>moodle>>1.8.9

cpe:2.3:a:moodle:moodle:1.8.9:*:*:*:*:*:*:*

Moodle Pty Ltd

>>moodle>>1.8.10

cpe:2.3:a:moodle:moodle:1.8.10:*:*:*:*:*:*:*

Moodle Pty Ltd

>>moodle>>1.9.1

cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:*

Moodle Pty Ltd

>>moodle>>1.9.2

cpe:2.3:a:moodle:moodle:1.9.2:*:*:*:*:*:*:*

Moodle Pty Ltd

>>moodle>>1.9.3

cpe:2.3:a:moodle:moodle:1.9.3:*:*:*:*:*:*:*

Moodle Pty Ltd

>>moodle>>1.9.4

cpe:2.3:a:moodle:moodle:1.9.4:*:*:*:*:*:*:*

Moodle Pty Ltd

>>moodle>>1.9.5

cpe:2.3:a:moodle:moodle:1.9.5:*:*:*:*:*:*:*

Moodle Pty Ltd

>>moodle>>1.9.6

cpe:2.3:a:moodle:moodle:1.9.6:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-264	Primary	nvd@nist.gov

CWE ID: CWE-264

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://docs.moodle.org/en/Moodle_1.8.11_release_notes	cve@mitre.org	Patch
http://docs.moodle.org/en/Moodle_1.9.7_release_notes	cve@mitre.org	Patch
http://moodle.org/mod/forum/discuss.php?d=139103	cve@mitre.org	Patch Vendor Advisory
http://secunia.com/advisories/37614	cve@mitre.org	Vendor Advisory
http://www.securityfocus.com/bid/37244	cve@mitre.org	Patch
http://www.vupen.com/english/advisories/2009/3455	cve@mitre.org	Patch Vendor Advisory
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00704.html	cve@mitre.org	N/A
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00730.html	cve@mitre.org	N/A
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00751.html	cve@mitre.org	N/A
http://docs.moodle.org/en/Moodle_1.8.11_release_notes	af854a3a-2127-422b-91ae-364da2661108	Patch
http://docs.moodle.org/en/Moodle_1.9.7_release_notes	af854a3a-2127-422b-91ae-364da2661108	Patch
http://moodle.org/mod/forum/discuss.php?d=139103	af854a3a-2127-422b-91ae-364da2661108	Patch Vendor Advisory
http://secunia.com/advisories/37614	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://www.securityfocus.com/bid/37244	af854a3a-2127-422b-91ae-364da2661108	Patch
http://www.vupen.com/english/advisories/2009/3455	af854a3a-2127-422b-91ae-364da2661108	Patch Vendor Advisory
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00704.html	af854a3a-2127-422b-91ae-364da2661108	N/A
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00730.html	af854a3a-2127-422b-91ae-364da2661108	N/A
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00751.html	af854a3a-2127-422b-91ae-364da2661108	N/A