Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-1892

Опубликовано: 01 окт. 2013
Источник: nvd
CVSS2: 6
EPSS Средний

Описание

MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service (invalid memory access and server crash) or execute arbitrary code via a crafted memory address in the first argument.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*
Версия до 2.0.8 (включая)
cpe:2.3:a:mongodb:mongodb:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:2.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:2.2.3:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:redhat:enterprise_mrg:2.3:*:*:*:*:*:*:*

EPSS

Процентиль: 98%
0.53527
Средний

6 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

ubuntu логотип

CVE-2013-1892

ubuntu
больше 12 лет назад

MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service (invalid memory access and server crash) or execute arbitrary code via a crafted memory address in the first argument.

redhat логотип

CVE-2013-1892

redhat
почти 13 лет назад

MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service (invalid memory access and server crash) or execute arbitrary code via a crafted memory address in the first argument.

debian логотип

CVE-2013-1892

debian
больше 12 лет назад

MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate ...

github логотип

GHSA-vv9j-qmgv-fcp5

github
больше 3 лет назад

MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service (invalid memory access and server crash) or execute arbitrary code via a crafted memory address in the first argument.

EPSS

Процентиль: 98%
0.53527
Средний

6 Medium

CVSS2

Дефекты

CWE-20