CVE-2012-6112
Description
classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellchecker) addon before 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 and other products, does not properly handle control characters, which allows remote attackers to trigger arbitrary outbound HTTP requests via a crafted string.
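The control-character handling described above, as an added PHP example (not code from TinyMCE, Moodle or this advisory). The path string and the two `preg_replace` filters come from the patch on this page; the helper names, the request-line layout and the sample inputs are assumptions made for illustration.

```php
<?php
// Added example; helper names and the request-line layout are assumptions.

// Pre-patch shape: $lang goes into the request path unfiltered.
function build_head(string $lang): string {
    $path = "/tbproxy/spell?lang=" . $lang . "&hl=en";
    return "POST $path HTTP/1.0\r\nHost: www.google.com\r\n\r\n";
}

// The two filters added in 2.0.6.1, as shown in the patch on this page.
function sanitize_like_patch(string $lang, string $str): array {
    $lang = preg_replace('/[^a-z\-]/i', '', $lang);
    $str  = preg_replace('/[\x00-\x1F\x7F]/', '', $str);
    return [$lang, $str];
}

// Stricter variant (assumption): reject bad input instead of rewriting it.
function is_valid_input(string $lang, string $str): bool {
    return preg_match('/\A[a-z]{2,3}(-[a-z]{2,4})?\z/i', $lang) === 1
        && preg_match('/[\x00-\x1F\x7F]/', $str) === 0;
}

// Count the lines in the request head (everything before the first blank line).
function head_lines(string $head): int {
    $beforeBlank = explode("\r\n\r\n", $head, 2)[0];
    return count(explode("\r\n", $beforeBlank));
}

// Constructed inputs for illustration.
$cases = [
    'benign'  => ['en', 'helo wrld'],
    'control' => ["en\r\nX-Constructed: 1", "helo\x00wrld"],
];

foreach ($cases as $name => [$lang, $str]) {
    [$cleanLang, $cleanStr] = sanitize_like_patch($lang, $str);
    printf(
        "%-8s head lines unfiltered=%d patched=%d lang=%s str bytes %d->%d strict=%s\n",
        $name,
        head_lines(build_head($lang)),
        head_lines(build_head($cleanLang)),
        var_export($cleanLang, true),
        strlen($str),
        strlen($cleanStr),
        var_export(is_valid_input($lang, $str), true)
    );
}
```

A request head that gains a line for the `control` case means the input changed the structure of the outbound request; the patched filters restore the expected line count, while the strict variant refuses the input outright.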
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| moodle/moodle (Packagist) | >= 2.1.0, < 2.1.10 | 2.1.10 |
| moodle/moodle (Packagist) | >= 2.2.0, < 2.2.7 | 2.2.7 |
| moodle/moodle (Packagist) | >= 2.3.0, < 2.3.4 | 2.3.4 |
| moodle/moodle (Packagist) | >= 2.4.0, < 2.4.1 | 2.4.1 |
Affected products
- cpe:2.3:a:moodle:moodle:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:tinymce:spellchecker_php:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:tinymce:spellchecker_php:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:tinymce:spellchecker_php:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:tinymce:spellchecker_php:2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:tinymce:spellchecker_php:2.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:tinymce:spellchecker_php:2.0:a1:*:*:*:*:*:*
- cpe:2.3:a:tinymce:spellchecker_php:2.0:a2:*:*:*:*:*:*
- cpe:2.3:a:tinymce:spellchecker_php:2.0:b1:*:*:*:*:*:*
- cpe:2.3:a:tinymce:spellchecker_php:2.0:b2:*:*:*:*:*:*
- cpe:2.3:a:tinymce:spellchecker_php:2.0:b3:*:*:*:*:*:*
- cpe:2.3:a:tinymce:spellchecker_php:2.0:rc1:*:*:*:*:*:*
Patches
6fac8f7f04c9 MDL-37283 import tinymce spellchecker 2.0.6.1
2 files changed · +4 −0
lib/editor/tinymce/tiny_mce/3.4.9/plugins/spellchecker/changelog.txt+2 −0 modified@@ -1,3 +1,5 @@ +Version 2.0.6.1 (2012-11-16) + Fixed security issue with google spellchecker. Version 2.0.6 (2011-09-29) Fixed incorrect position of suggestion menu. Fixed handling of mispelled words with no suggestions in PSpellShell engine.
lib/editor/tinymce/tiny_mce/3.4.9/plugins/spellchecker/classes/GoogleSpell.php+2 −0 modified@@ -51,6 +51,8 @@ function &getSuggestions($lang, $word) { } function &_getMatches($lang, $str) { + $lang = preg_replace('/[^a-z\-]/i', '', $lang); // Sanitize, remove everything but a-z or - + $str = preg_replace('/[\x00-\x1F\x7F]/', '', $str); // Sanitize, remove all control characters $server = "www.google.com"; $port = 443; $path = "/tbproxy/spell?lang=" . $lang . "&hl=en";
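Review bot: In the `_getMatches` hunk of GoogleSpell.php, the `$lang` filter rewrites a bad value instead of rejecting it, so `en_US` silently becomes `enUS` and a value with no letters becomes an empty string that is still concatenated into `"/tbproxy/spell?lang=" . $lang . "&hl=en"`. Consider checking `$lang` against the expected language-code shape and returning early, or falling back to a default, when it does not match, so a malformed value never reaches the outbound request.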
9803d8fc3ce0 MDL-37283 import tinymce spellchecker 2.0.6.1
2 files changed · +4 −0
lib/editor/tinymce/tiny_mce/3.4.9/plugins/spellchecker/changelog.txt+2 −0 modified@@ -1,3 +1,5 @@ +Version 2.0.6.1 (2012-11-16) + Fixed security issue with google spellchecker. Version 2.0.6 (2011-09-29) Fixed incorrect position of suggestion menu. Fixed handling of mispelled words with no suggestions in PSpellShell engine.
lib/editor/tinymce/tiny_mce/3.4.9/plugins/spellchecker/classes/GoogleSpell.php+2 −0 modified@@ -51,6 +51,8 @@ function &getSuggestions($lang, $word) { } function &_getMatches($lang, $str) { + $lang = preg_replace('/[^a-z\-]/i', '', $lang); // Sanitize, remove everything but a-z or - + $str = preg_replace('/[\x00-\x1F\x7F]/', '', $str); // Sanitize, remove all control characters $server = "www.google.com"; $port = 443; $path = "/tbproxy/spell?lang=" . $lang . "&hl=en";
a3243760c243 MDL-37283 import tinymce spellchecker 2.0.6.1
2 files changed · +4 −0
lib/editor/tinymce/tiny_mce/3.5.1.1/plugins/spellchecker/changelog.txt+2 −0 modified@@ -1,3 +1,5 @@ +Version 2.0.6.1 (2012-11-16) + Fixed security issue with google spellchecker. Version 2.0.6 (2011-09-29) Fixed incorrect position of suggestion menu. Fixed handling of mispelled words with no suggestions in PSpellShell engine.
lib/editor/tinymce/tiny_mce/3.5.1.1/plugins/spellchecker/classes/GoogleSpell.php+2 −0 modified@@ -51,6 +51,8 @@ function &getSuggestions($lang, $word) { } function &_getMatches($lang, $str) { + $lang = preg_replace('/[^a-z\-]/i', '', $lang); // Sanitize, remove everything but a-z or - + $str = preg_replace('/[\x00-\x1F\x7F]/', '', $str); // Sanitize, remove all control characters $server = "www.google.com"; $port = 443; $path = "/tbproxy/spell?lang=" . $lang . "&hl=en";
f938b1a89b8f MDL-37283 import tinymce spellchecker 2.0.6.1
2 files changed · +4 −0
lib/editor/tinymce/plugins/spellchecker/changelog.txt+2 −0 modified@@ -1,3 +1,5 @@ +Version 2.0.6.1 (2012-11-16) + Fixed security issue with google spellchecker. Version 2.0.6 (2011-09-29) Fixed incorrect position of suggestion menu. Fixed handling of mispelled words with no suggestions in PSpellShell engine.
lib/editor/tinymce/plugins/spellchecker/classes/GoogleSpell.php+2 −0 modified@@ -51,6 +51,8 @@ function &getSuggestions($lang, $word) { } function &_getMatches($lang, $str) { + $lang = preg_replace('/[^a-z\-]/i', '', $lang); // Sanitize, remove everything but a-z or - + $str = preg_replace('/[\x00-\x1F\x7F]/', '', $str); // Sanitize, remove all control characters $server = "www.google.com"; $port = 443; $path = "/tbproxy/spell?lang=" . $lang . "&hl=en";
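Review bot: The `$str` filter in the `_getMatches` hunk deletes every byte in `\x00-\x1F`, which includes tab, LF and CR, so two words separated only by a line break are joined into one token before they are spellchecked. Replacing those three characters with a single space and deleting only the remaining control characters would keep word boundaries intact. The hunk also does not show where `$str` is used, so a comment naming the sink would help a later reader judge whether stripping is sufficient there.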
22910187bfb9 Fixed security issue with google spellchecker
2 files changed · +4 −0
changelog.txt+2 −0 modified@@ -1,3 +1,5 @@ +Version 2.0.6.1 (2012-11-16) + Fixed security issue with google spellchecker. Version 2.0.6 (2011-09-29) Fixed incorrect position of suggestion menu. Fixed handling of mispelled words with no suggestions in PSpellShell engine.
classes/GoogleSpell.php+2 −0 modified@@ -51,6 +51,8 @@ function &getSuggestions($lang, $word) { } function &_getMatches($lang, $str) { + $lang = preg_replace('/[^a-z\-]/i', '', $lang); // Sanitize, remove everything but a-z or - + $str = preg_replace('/[\x00-\x1F\x7F]/', '', $str); // Sanitize, remove all control characters $server = "www.google.com"; $port = 443; $path = "/tbproxy/spell?lang=" . $lang . "&hl=en";
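Review bot: The changelog.txt entry for 2.0.6.1 says only "Fixed security issue with google spellchecker.", which does not tell a downstream integrator what was affected or how urgent the import is. Suggest naming the change, for example that `$lang` and `$str` passed to `_getMatches` are now filtered for non-letter and control characters, so projects that bundle the plugin can match the entry to the code change.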
References
- www.tinymce.com/forum/viewtopic.php (NVD, Vendor Advisory)
- github.com/advisories/GHSA-fx5h-3786-h2w6 (GHSA, Advisory)
- nvd.nist.gov/vuln/detail/CVE-2012-6112 (GHSA, Advisory)
- openwall.com/lists/oss-security/2013/01/21/1 (NVD, Web)
- github.com/moodle/moodle/commit/6fac8f7f04c9fe7f8bbb54a9c00ec5f9ea4f09e0 (GHSA, Web)
- github.com/moodle/moodle/commit/9803d8fc3ce08c8f8b88ad3a95d9a7c97678a3e3 (GHSA, Web)
- github.com/moodle/moodle/commit/a3243760c243ddad76e91840134009c3681cb16a (GHSA, Web)
- github.com/moodle/moodle/commit/f938b1a89b8f381129120a37915d1b345333b3fb (GHSA, Web)
- github.com/tinymce/tinymce_spellchecker_php/commit/22910187bfb9edae90c26e10100d8145b505b974 (NVD, Web)
- moodle.org/mod/forum/discuss.php (NVD, Web)
- web.archive.org/web/20121015010345/http://www.tinymce.com/develop/changelog/ (GHSA, Web)
- web.archive.org/web/20121129021911/http://www.tinymce.com/forum/viewtopic.php (GHSA, Web)
- www.tinymce.com/develop/changelog/ (NVD)