WEB APPLICATION VULNERABILITIES Standard & Premium

MongoDb Improper Input Validation Vulnerability (CVE-2013-1892)

Description

MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service (invalid memory access and server crash) or execute arbitrary code via a crafted memory address in the first argument.

Remediation

References

Related Vulnerabilities

Oracle JRE CVE-2018-2639 Vulnerability (CVE-2018-2639)

Moodle Improper Input Validation Vulnerability (CVE-2019-10134)

PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1130)

MySQL CVE-2011-2262 Vulnerability (CVE-2011-2262)

osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43721)

Severity

Medium

Classification

CVE-2013-1892 CWE-20

Tags

Missing Update Known Vulnerabilities