Lucene search
K

558 matches found

NVD
NVD
added 2013/10/01 8:55 p.m.26 views

CVE-2013-1892

MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service invalid memory access and server crash or execute arbitrary code via a crafted memory address in the...

6CVSS7.2AI score0.44543EPSS
Exploits7References9
UbuntuCve
UbuntuCve
added 2013/10/01 8:55 p.m.29 views

CVE-2013-1892

MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service invalid memory access and server crash or execute arbitrary code via a crafted memory address in the...

6CVSS7.4AI score0.44543EPSS
Exploits7References4
Debian CVE
Debian CVE
added 2013/10/01 8:0 p.m.35 views

CVE-2013-1892

Removed by vendor...

6CVSS8AI score0.44543EPSS
Exploits7
CVE
CVE
added 2013/10/01 8:0 p.m.107 views

CVE-2013-1892

CVE-2013-1892 affects MongoDB before 2.0.9 and 2.2.x before 2.2.4, where requests to the nativeHelper function in SpiderMonkey aren’t validated, allowing remote authenticated users to cause invalid memory access, server crash (DoS), or potentially arbitrary code execution via a crafted memory add...

6CVSS7.9AI score0.44543EPSS
Exploits7References9Affected Software1
Positive Technologies
Positive Technologies
added 2013/10/01 12:0 a.m.3 views

PT-2013-3452 · Mongodb · Mongodb

Name of the Vulnerable Software and Affected Versions: MongoDB versions prior to 2.0.9 MongoDB versions 2.2.x prior to 2.2.4 Description: The issue is related to improper validation of requests to the nativeHelper function in SpiderMonkey. This allows remote authenticated users to cause a denial ...

6CVSS8AI score0.44543EPSS
Exploits7References14
myhack58
myhack58
added 2013/09/04 12:0 a.m.489 views

MongoDB server-side injection-vulnerability warning-the black bar safety net

Security researchers agixid in the MongoDB database 2. 2. 3 version on found a security vulnerability, and represents a Metasploit exploit payload being developed. The vulnerability is mainly MongoDB incorrect use SpiderMonkey Javascript NativeHelper function, the result can be injected into the...

1.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2013/08/21 5:27 p.m.7 views

MongoDB: Server Side JavaScript Includes allow Remote Code Execution

MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service invalid memory access and server crash or execute arbitrary code via a crafted memory address in the...

6CVSS7.7AI score0.44543EPSS
Exploits7References4
seebug.org
seebug.org
added 2013/04/09 12:0 a.m.37 views

MongoDB nativeHelper.apply Remote Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

7.1AI score0.44543EPSS
Exploits7
exploitpack
exploitpack
added 2013/04/08 12:0 a.m.65 views

MongoDB 2.2.3 - nativeHelper.apply Remote Code Execution

MongoDB 2.2.3 - nativeHelper.apply Remote Code Execution Title: MongoDB nativeHelper.apply Remote Code Execution Author: agixid http://blog.scrt.ch/2013/03/24/mongodb-0-day-ssji-to-rce/ Software Link: http://fastdl.mongodb.org/linux/mongodb-linux-i686-2.2.3.tgz Version: 2.2.3 The following PoC...

Exploits0
Exploit DB
Exploit DB
added 2013/04/08 12:0 a.m.3724 views

MongoDB 2.2.3 - nativeHelper.apply Remote Code Execution

Title: MongoDB nativeHelper.apply Remote Code Execution Author: agixid http://blog.scrt.ch/2013/03/24/mongodb-0-day-ssji-to-rce/ Software Link: http://fastdl.mongodb.org/linux/mongodb-linux-i686-2.2.3.tgz Version: 2.2.3 The following PoC exploits the "nativeHelper" feature in the spidermonkey...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2013/04/08 12:0 a.m.1244 views

MongoDB - nativeHelper.apply Remote Code Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'MongoDB nativeHelper.apply Remote Cod...

6CVSS7AI score0.44543EPSS
Exploits7
Packet Storm
Packet Storm
added 2013/04/02 12:0 a.m.79 views

MongoDB nativeHelper.apply Remote Code Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'MongoDB nativeHelper.apply Remote Cod...

6CVSS8.1AI score0.44543EPSS
Exploits7
myhack58
myhack58
added 2013/03/26 12:0 a.m.170 views

MongoDB server-side JavaScript injection-vulnerability warning-the black bar safety net

Security researchers agixid in the MongoDB database 2. 2. 3 version on found a security vulnerability, and represents a Metasploit exploit payload being developed. The vulnerability is mainly MongoDB incorrect use SpiderMonkey Javascript NativeHelper function, the result can be injected into the...

1AI score
Exploits0
OpenVAS
OpenVAS
added 2011/09/30 12:0 a.m.45 views

Ubuntu Update for thunderbird USN-1213-1

Ubuntu Update for Linux kernel vulnerabilities USN-1213-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12131.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for thunderbird USN-1213-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net...

10CVSS0.6AI score0.04379EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2011/09/29 12:0 a.m.64 views

Ubuntu 10.04 LTS / 10.10 : firefox, xulrunner-1.9.2 vulnerabilities (USN-1210-1)

Benjamin Smedberg, Bob Clary, Jesse Ruderman, and Josh Aas discovered multiple memory vulnerabilities in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Firefox. CVE-2011-2995, CVE-2011-2996 Boris Zbarsky...

10CVSS8.8AI score0.04379EPSS
Exploits2References7
Ubuntu
Ubuntu
added 2011/09/28 6:56 p.m.83 views

USN-1210-1: Firefox and Xulrunner vulnerabilities

Benjamin Smedberg, Bob Clary, Jesse Ruderman, and Josh Aas discovered multiple memory vulnerabilities in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Firefox. CVE-2011-2995, CVE-2011-2996 Boris Zbarsky...

10CVSS8.9AI score0.04379EPSS
Exploits2
Fedora
Fedora
added 2011/06/24 5:58 p.m.14 views

[SECURITY] Fedora 15 Update: gjs-0.7.14-6.fc15

Gjs allows using GNOME libraries from Javascript. It's based on the Spidermonkey Javascript engine from Mozilla and the GObject introspection framework...

2.1AI score
Exploits0
Fedora
Fedora
added 2011/05/02 3:36 a.m.13 views

[SECURITY] Fedora 15 Update: gjs-0.7.14-3.fc15

Gjs allows using GNOME libraries from Javascript. It's based on the Spidermonkey Javascript engine from Mozilla and the GObject introspection framework...

2.1AI score
Exploits0
Rows per page
Query Builder