Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service (invalid memory access and server crash) or execute arbitrary code via a crafted memory address in the first argument.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MongoDB 输入验证错误漏洞
Vulnerability Description
MongoDB是美国MongoDB公司的一种面向文档的数据库管理系统。 MongoDB 2.0.8及之前的版本和2.2.4之前的2.2.x版本存在输入验证错误漏洞,该漏洞源于SpiderMonkey组件中的nativeHelper函数中没有正确验证请求。远程经过授权的攻击者可借助特制的内存地址利用该漏洞造成拒绝服务(无效的内存访问和服务器崩溃)或执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A