2 matches found
MongoDB libbson denial of service vulnerability
MongoDB libbson is a U.S. MongoDB company provides a utility library to build and parse BSON documents and other functions . A security vulnerability exists in the 'bson-itercodewscope' function of the bson-iter.c file in MongoDB libbson version 1.7.0. A remote attacker can exploit this...
UBUNTU-CVE-2017-14227
In MongoDB libbson 1.7.0, the bsonitercodewscope function in bson-iter.c miscalculates a bsonutf8validate length argument, which allows remote attackers to cause a denial of service heap-based buffer over-read in the bsonutf8validate function in bson-utf8.c, as demonstrated by bson-to-json.c...