CVE-2009-1171

Name of the Vulnerable Software and Affected Versions Moodle versions 1.6 through 1.6.8, 1.7 through 1.7.6, 1.8 through 1.8.8, 1.9 through 1.9.4

Description The issue allows user-assisted attackers to read arbitrary files via an input command in a "$$" sequence, which causes LaTeX to include the contents of the file. This is related to the TeX filter in Moodle.

Recommendations For Moodle versions 1.6 through 1.6.8, update to version 1.6.9 or later. For Moodle versions 1.7 through 1.7.6, update to version 1.7.7 or later. For Moodle versions 1.8 through 1.8.8, update to version 1.8.9 or later. For Moodle versions 1.9 through 1.9.4, update to version 1.9.5 or later.