CVE-2013-1892

Published: Oct 1, 2013Modified: Apr 29, 2026

6.0

Vector

AV:N/AC:M/Au:S/C:P/I:P/A:P

Exploitability: 6.8 / Impact: 6.4

Source: NVD

Description

MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service (invalid memory access and server crash) or execute arbitrary code via a crafted memory address in the first argument.

Affected (18)

Products: Mongodb: Mongodb · Redhat: Enterprise Mrg

1 product

1 product

Configuration A

17 vulnerable

Vulnerable Software	Affected Versions
Mongodb Mongodb	Up to 2.0.8
Mongodb Mongodb	Version 1.2.0
Mongodb Mongodb	Version 1.4.0
Mongodb Mongodb	Version 1.6.0
Mongodb Mongodb	Version 1.8.0
Mongodb Mongodb	Version 2.0.0
Mongodb Mongodb	Version 2.0.1
Mongodb Mongodb	Version 2.0.2
Mongodb Mongodb	Version 2.0.3
Mongodb Mongodb	Version 2.0.4
Mongodb Mongodb	Version 2.0.5
Mongodb Mongodb	Version 2.0.6
Mongodb Mongodb	Version 2.0.7
Mongodb Mongodb	Version 2.2.0
Mongodb Mongodb	Version 2.2.1
Mongodb Mongodb	Version 2.2.2
Mongodb Mongodb	Version 2.2.3

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Mrg	Version 2.3

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (18)

http://blog.scrt.ch/2013/03/24/mongodb-0-day-ssji-to-rce/

Source: secalert@redhat.com

Exploit

http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101630.html

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101679.html

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2013-1170.html

Source: secalert@redhat.com

Vendor Advisory

http://www.exploit-db.com/exploits/24935

Source: secalert@redhat.com

http://www.exploit-db.com/exploits/24947

Source: secalert@redhat.com

http://www.mongodb.org/about/alerts/

Source: secalert@redhat.com

Vendor Advisory

http://www.openwall.com/lists/oss-security/2013/03/25/9

Source: secalert@redhat.com

https://jira.mongodb.org/browse/SERVER-9124

Source: secalert@redhat.com

http://blog.scrt.ch/2013/03/24/mongodb-0-day-ssji-to-rce/

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101630.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101679.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2013-1170.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.exploit-db.com/exploits/24935

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.exploit-db.com/exploits/24947

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mongodb.org/about/alerts/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.openwall.com/lists/oss-security/2013/03/25/9

Source: af854a3a-2127-422b-91ae-364da2661108

https://jira.mongodb.org/browse/SERVER-9124

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.