CVE-2009-4298 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2009-4298 Interim 1 5 2023-12-09T02:00:39Z current 2021-05-30T12:49:30Z 2023-12-09T02:00:39Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2009-4298 The LAMS module (mod/lams) for Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 stores the (1) username, (2) firstname, and (3) lastname fields within the user table, which allows attackers to obtain user account information via unknown vectors. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KMSGWTGNMZ6OBF4PSADAZBORDOW6FLX6/#KMSGWTGNMZ6OBF4PSADAZBORDOW6FLX6 E-Mail link for SUSE-SR:2010:004 https://www.suse.com/support/security/rating/ SUSE Security Ratings The LAMS module (mod/lams) for Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 stores the (1) username, (2) firstname, and (3) lastname fields within the user table, which allows attackers to obtain user account information via unknown vectors. CVE-2009-4298 moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N