SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  MongoDB Remote Code Execution

Category: DB-ATTACKS      

MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service (invalid memory access and server crash) or execute arbitrary code via a crafted memory address in the first argument.

References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1892


Relevant Information