CVE-2013-1892

MEDIUM severity · CVSS 6 · Improper input validation

6CVSS MEDIUM

Summary

MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service (invalid memory access and server crash) or execute arbitrary code via a crafted memory address in the first argument.

Impact & exploitability

Attack vectorNetwork

Attack complexity—

Privileges required—

User interaction—

Confidentiality impact—

Integrity impact—

Availability impact—

Exploit probability (EPSS)52%

AV:N/AC:M/Au:S/C:P/I:P/A:P

Affected products we track (1)

MongoDB

Recommendation

Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.

Additional information

NVD record
http://rhn.redhat.com/errata/RHSA-2013-1170.htmlAdvisory
http://www.mongodb.org/about/alerts/Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101630.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101679.html
http://www.exploit-db.com/exploits/24935
http://www.exploit-db.com/exploits/24947
http://www.openwall.com/lists/oss-security/2013/03/25/9
http://blog.scrt.ch/2013/03/24/mongodb-0-day-ssji-to-rce/Exploit