Moderate severityNVD Advisory· Published Nov 18, 2008· Updated Apr 23, 2026
CVE-2008-5153
CVE-2008-5153
Description
spell-check-logic.cgi in Moodle 1.8.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/spell-check-debug.log, (2) /tmp/spell-check-before, or (3) /tmp/spell-check-after temporary file.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
moodle/moodlePackagist | >= 1.9.0, < 1.9.4 | 1.9.4 |
moodle/moodlePackagist | >= 1.8.0, < 1.8.8 | 1.8.8 |
moodle/moodlePackagist | >= 1.7.0, < 1.7.7 | 1.7.7 |
moodle/moodlePackagist | >= 1.6.0, < 1.6.9 | 1.6.9 |
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
11- uvw.ru/report.sid.txtnvdExploit
- github.com/advisories/GHSA-x7r4-26m9-hmgqghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2008-5153ghsaADVISORY
- lists.debian.org/debian-devel/2008/08/msg00347.htmlnvdWEB
- www.debian.org/security/2009/dsa-1724nvdWEB
- exchange.xforce.ibmcloud.com/vulnerabilities/46708nvdWEB
- web.archive.org/web/20090821033319/http://secunia.com/advisories/33955ghsaWEB
- web.archive.org/web/20110511083352/http://uvw.ru/report.sid.txtghsaWEB
- web.archive.org/web/20141121115305/http://www.securityfocus.com/bid/32402ghsaWEB
- secunia.com/advisories/33955nvd
- www.securityfocus.com/bid/32402nvd
News mentions
0No linked articles in our index yet.