CVE-2013-1892

2013-10-01T16:55:03
ID CVE-2013-1892
Type cve
Reporter NVD
Modified 2013-11-30T23:27:24

Description

MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service (invalid memory access and server crash) or execute arbitrary code via a crafted memory address in the first argument.