Description
MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service (invalid memory access and server crash) or execute arbitrary code via a crafted memory address in the first argument.
Remediation
References
Related Vulnerabilities
Envoy Proxy Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2024-32976)
WordPress Plugin wpCommentTwit Cross-Site Request Forgery (0.5)
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.10)
WordPress Plugin Contact Form Unspecified Vulnerability (1.2)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-25703)