CVE-2012-6619

2014-03-06T15:55:00
ID CVE-2012-6619
Type cve
Reporter cve@mitre.org
Modified 2014-05-07T03:45:00

Description

The default configuration for MongoDB before 2.3.2 does not validate objects, which allows remote authenticated users to cause a denial of service (crash) or read system memory via a crafted BSON object in the column name in an insert command, which triggers a buffer over-read.