Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2012-5649
HistoryMay 23, 2014 - 12:00 a.m.

CVE-2012-5649

2014-05-2300:00:00
ubuntu.com
ubuntu.com
11

0.058 Low

EPSS

Percentile

93.4%

JSON

Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1
allows remote attackers to execute arbitrary code via a JSONP callback,
related to Adobe Flash.

Notes

Author Note
jdstrand JSONP is disabled by default on Ubuntu 11.10 and later it isn’t clear why the patch fixes the issue. Could apply patch to disable jsonp by default supported use of couchdb is not used in this manner on Ubuntu 10.04 LTS

Related

prion 1
cvelist 1
cve 1
securityvulns 2
nessus 6
openvas 4
fedora 2
prion
prion
Design/Logic Flaw
2014-05-23 14:55:00
cvelist
cvelist
CVE-2012-5649
2014-05-23 14:00:00
cve
cve
CVE-2012-5649
2014-05-23 14:55:00
securityvulns
securityvulns
CVE-2012-5649 Apache CouchDB JSONP arbitrary code execution with Adobe Flash
2013-01-14 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2013-01-14 00:00:00
nessus
nessus
Fedora 18 : couchdb-1.2.1-2.fc18 (2013-1375)
2013-02-04 00:00:00
Mandriva Linux Security Advisory : couchdb (MDVSA-2013:067)
2013-04-20 00:00:00
Fedora 17 : couchdb-1.2.1-2.fc17 (2013-1387)
2013-02-04 00:00:00
openvas
openvas
Fedora Update for couchdb FEDORA-2013-1375
2013-02-04 00:00:00
Fedora Update for couchdb FEDORA-2013-1375
2013-02-04 00:00:00
Fedora Update for couchdb FEDORA-2013-1387
2013-02-04 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: couchdb-1.2.1-2.fc17
2013-02-02 04:27:53
[SECURITY] Fedora 18 Update: couchdb-1.2.1-2.fc18
2013-02-02 04:25:54

0.058 Low

EPSS

Percentile

93.4%

JSON
Related for UB:CVE-2012-5649
prion1cvelist1cve1securityvulns2nessus6openvas4fedora2