558 matches found
CVE-2013-1892
MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service invalid memory access and server crash or execute arbitrary code via a crafted memory address in the...
CVE-2013-1892
MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service invalid memory access and server crash or execute arbitrary code via a crafted memory address in the...
CVE-2013-1892
Removed by vendor...
CVE-2013-1892
CVE-2013-1892 affects MongoDB before 2.0.9 and 2.2.x before 2.2.4, where requests to the nativeHelper function in SpiderMonkey aren’t validated, allowing remote authenticated users to cause invalid memory access, server crash (DoS), or potentially arbitrary code execution via a crafted memory add...
PT-2013-3452 · Mongodb · Mongodb
Name of the Vulnerable Software and Affected Versions: MongoDB versions prior to 2.0.9 MongoDB versions 2.2.x prior to 2.2.4 Description: The issue is related to improper validation of requests to the nativeHelper function in SpiderMonkey. This allows remote authenticated users to cause a denial ...
MongoDB server-side injection-vulnerability warning-the black bar safety net
Security researchers agixid in the MongoDB database 2. 2. 3 version on found a security vulnerability, and represents a Metasploit exploit payload being developed. The vulnerability is mainly MongoDB incorrect use SpiderMonkey Javascript NativeHelper function, the result can be injected into the...
MongoDB: Server Side JavaScript Includes allow Remote Code Execution
MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service invalid memory access and server crash or execute arbitrary code via a crafted memory address in the...
MongoDB nativeHelper.apply Remote Code Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
MongoDB 2.2.3 - nativeHelper.apply Remote Code Execution
MongoDB 2.2.3 - nativeHelper.apply Remote Code Execution Title: MongoDB nativeHelper.apply Remote Code Execution Author: agixid http://blog.scrt.ch/2013/03/24/mongodb-0-day-ssji-to-rce/ Software Link: http://fastdl.mongodb.org/linux/mongodb-linux-i686-2.2.3.tgz Version: 2.2.3 The following PoC...
MongoDB 2.2.3 - nativeHelper.apply Remote Code Execution
Title: MongoDB nativeHelper.apply Remote Code Execution Author: agixid http://blog.scrt.ch/2013/03/24/mongodb-0-day-ssji-to-rce/ Software Link: http://fastdl.mongodb.org/linux/mongodb-linux-i686-2.2.3.tgz Version: 2.2.3 The following PoC exploits the "nativeHelper" feature in the spidermonkey...
MongoDB - nativeHelper.apply Remote Code Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'MongoDB nativeHelper.apply Remote Cod...
MongoDB nativeHelper.apply Remote Code Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'MongoDB nativeHelper.apply Remote Cod...
MongoDB server-side JavaScript injection-vulnerability warning-the black bar safety net
Security researchers agixid in the MongoDB database 2. 2. 3 version on found a security vulnerability, and represents a Metasploit exploit payload being developed. The vulnerability is mainly MongoDB incorrect use SpiderMonkey Javascript NativeHelper function, the result can be injected into the...
Ubuntu Update for thunderbird USN-1213-1
Ubuntu Update for Linux kernel vulnerabilities USN-1213-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12131.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for thunderbird USN-1213-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net...
Ubuntu 10.04 LTS / 10.10 : firefox, xulrunner-1.9.2 vulnerabilities (USN-1210-1)
Benjamin Smedberg, Bob Clary, Jesse Ruderman, and Josh Aas discovered multiple memory vulnerabilities in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Firefox. CVE-2011-2995, CVE-2011-2996 Boris Zbarsky...
USN-1210-1: Firefox and Xulrunner vulnerabilities
Benjamin Smedberg, Bob Clary, Jesse Ruderman, and Josh Aas discovered multiple memory vulnerabilities in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Firefox. CVE-2011-2995, CVE-2011-2996 Boris Zbarsky...
[SECURITY] Fedora 15 Update: gjs-0.7.14-6.fc15
Gjs allows using GNOME libraries from Javascript. It's based on the Spidermonkey Javascript engine from Mozilla and the GObject introspection framework...
[SECURITY] Fedora 15 Update: gjs-0.7.14-3.fc15
Gjs allows using GNOME libraries from Javascript. It's based on the Spidermonkey Javascript engine from Mozilla and the GObject introspection framework...