WEB APPLICATION VULNERABILITIES Standard & Premium

MongoDb Improper Input Validation Vulnerability (CVE-2013-1892)

Description

MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service (invalid memory access and server crash) or execute arbitrary code via a crafted memory address in the first argument.

Remediation

References

Related Vulnerabilities

Envoy Proxy Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2024-32976)

WordPress Plugin wpCommentTwit Cross-Site Request Forgery (0.5)

WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.10)

WordPress Plugin Contact Form Unspecified Vulnerability (1.2)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-25703)

Severity

Medium

Classification

CVE-2013-1892 CWE-20

Tags

Missing Update Known Vulnerabilities