CVE-2012-6112

NameCVE-2012-6112
Descriptionclasses/GoogleSpell.php in the PHP Spellchecker (aka Google Spellchecker) addon before 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 and other products, does not properly handle control characters, which allows remote attackers to trigger arbitrary outbound HTTP requests via a crafted string.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs701667, 702387

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
tinymce (PTS)jessie, stretch3.4.8+dfsg0-1fixed
buster3.4.8+dfsg0-2fixed
wordpress (PTS)jessie, jessie (lts)4.1.35+dfsg-0+deb8u1fixed
stretch (security), stretch (lts), stretch4.7.23+dfsg-0+deb9u1fixed
buster (security), buster, buster (lts)5.0.21+dfsg1-0+deb10u1fixed
bullseye (security), bullseye5.7.11+dfsg1-0+deb11u1fixed
bookworm (security), bookworm6.1.6+dfsg1-0+deb12u1fixed
sid, trixie6.6.1+dfsg1-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
moodlesourcesqueeze(not affected)
moodlesourcewheezy2.2.3.dfsg-2.6~wheezy2
moodlesource(unstable)2.5-1702387
tinymcesource(unstable)(not affected)
wordpresssourcesqueeze3.5.2+dfsg-1~deb6u1701667
wordpresssourcewheezy3.5.2+dfsg-1~deb7u1701667
wordpresssource(unstable)3.5.1+dfsg-2

Notes

- tinymce <not-affected> (TinyMCE Google spellchecker plugin)
[squeeze] - moodle <not-affected> (Only affects 2.1 and above)
http://www.tinymce.com/develop/changelog/?type=phpspell
patch: https://github.com/tinymce/tinymce_spellchecker_php/commit/22910187bfb9edae90c26e10100d8145b505b974
http://www.tinymce.com/forum/viewtopic.php?id=30036
Search for package or bug name: Reporting problems