CVE-2012-6112
First published: Sun Jan 27 2013(Updated: )
classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellchecker) addon before 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 and other products, does not properly handle control characters, which allows remote attackers to trigger arbitrary outbound HTTP requests via a crafted string.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| composer/moodle/moodle | =2.4.0 | 2.4.1 |
| composer/moodle/moodle | >=2.3.0<2.3.4 | 2.3.4 |
| composer/moodle/moodle | >=2.2.0<2.2.7 | 2.2.7 |
| composer/moodle/moodle | >=2.1.0<2.1.10 | 2.1.10 |
| TinyMCE Spellchecker | =2.0 | |
| TinyMCE Spellchecker | =2.0-a1 | |
| TinyMCE Spellchecker | =2.0-a2 | |
| TinyMCE Spellchecker | =2.0-b1 | |
| TinyMCE Spellchecker | =2.0-b2 | |
| TinyMCE Spellchecker | =2.0-b3 | |
| TinyMCE Spellchecker | =2.0-rc1 | |
| TinyMCE Spellchecker | =2.0.1 | |
| TinyMCE Spellchecker | =2.0.2 | |
| TinyMCE Spellchecker | =2.0.3 | |
| TinyMCE Spellchecker | =2.0.6 | |
| Moodle | =2.1.0 | |
| Moodle | =2.1.1 | |
| Moodle | =2.1.2 | |
| Moodle | =2.1.3 | |
| Moodle | =2.1.4 | |
| Moodle | =2.1.5 | |
| Moodle | =2.1.6 | |
| Moodle | =2.1.7 | |
| Moodle | =2.1.8 | |
| Moodle | =2.1.9 | |
| Moodle | =2.2.0 | |
| Moodle | =2.2.1 | |
| Moodle | =2.2.2 | |
| Moodle | =2.2.3 | |
| Moodle | =2.2.4 | |
| Moodle | =2.2.5 | |
| Moodle | =2.2.6 | |
| Moodle | =2.3.0 | |
| Moodle | =2.3.1 | |
| Moodle | =2.3.2 | |
| Moodle | =2.3.3 | |
| Moodle | =2.4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37283
- http://openwall.com/lists/oss-security/2013/01/21/1
- http://www.tinymce.com/develop/changelog/?type=phpspell
- http://www.tinymce.com/forum/viewtopic.php?id=30036
- https://github.com/tinymce/tinymce_spellchecker_php/commit/22910187bfb9edae90c26e10100d8145b505b974
- https://moodle.org/mod/forum/discuss.php?d=220157
- https://nvd.nist.gov/vuln/detail/CVE-2012-6112
- https://github.com/moodle/moodle/commit/6fac8f7f04c9fe7f8bbb54a9c00ec5f9ea4f09e0
- https://github.com/moodle/moodle/commit/9803d8fc3ce08c8f8b88ad3a95d9a7c97678a3e3
- https://github.com/moodle/moodle/commit/a3243760c243ddad76e91840134009c3681cb16a
- https://github.com/moodle/moodle/commit/f938b1a89b8f381129120a37915d1b345333b3fb
- https://web.archive.org/web/20121015010345/http://www.tinymce.com/develop/changelog/?type=phpspell
- https://web.archive.org/web/20121129021911/http://www.tinymce.com/forum/viewtopic.php?id=30036
- https://github.com/advisories/GHSA-fx5h-3786-h2w6 (Advisory)
Frequently Asked Questions
What is the severity of CVE-2012-6112?
CVE-2012-6112 is considered a medium severity vulnerability due to its potential to allow remote attackers to exploit it.
How do I fix CVE-2012-6112?
To fix CVE-2012-6112, upgrade to Moodle version 2.4.1, 2.3.4, 2.2.7, or 2.1.10 or later.
What software versions are affected by CVE-2012-6112?
CVE-2012-6112 affects TinyMCE Spellchecker versions up to 2.0.6 and Moodle versions prior to 2.1.10, 2.2.7, 2.3.4, and 2.4.1.
How does CVE-2012-6112 exploit control characters?
CVE-2012-6112 exploits the improper handling of control characters which can lead to information disclosure or remote code execution.
Is there a workaround for CVE-2012-6112?
There is no official workaround for CVE-2012-6112, so upgrading to the fixed versions is the recommended action.
- agent/type
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-fx5h-3786-h2w6
- alias/CVE-2012-6112
- agent/software-canonical-lookup
- agent/weakness
- agent/severity
- agent/references
- agent/description
- agent/author
- collector/github-advisory
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-index
- package-manager/composer
- vendor/tinymce
- canonical/tinymce spellchecker
- version/tinymce spellchecker/2.0
- version/tinymce spellchecker/2.0-a1
- version/tinymce spellchecker/2.0-a2
- version/tinymce spellchecker/2.0-b1
- version/tinymce spellchecker/2.0-b2
- version/tinymce spellchecker/2.0-b3
- version/tinymce spellchecker/2.0-rc1
- version/tinymce spellchecker/2.0.1
- version/tinymce spellchecker/2.0.2
- version/tinymce spellchecker/2.0.3
- version/tinymce spellchecker/2.0.6
- vendor/moodle
- canonical/moodle
- version/moodle/2.1.0
- version/moodle/2.1.1
- version/moodle/2.1.2
- version/moodle/2.1.3
- version/moodle/2.1.4
- version/moodle/2.1.5
- version/moodle/2.1.6
- version/moodle/2.1.7
- version/moodle/2.1.8
- version/moodle/2.1.9
- version/moodle/2.2.0
- version/moodle/2.2.1
- version/moodle/2.2.2
- version/moodle/2.2.3
- version/moodle/2.2.4
- version/moodle/2.2.5
- version/moodle/2.2.6
- version/moodle/2.3.0
- version/moodle/2.3.1
- version/moodle/2.3.2
- version/moodle/2.3.3
- version/moodle/2.4.0