Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The find prototype in scripting/engine_v8.h in MongoDB 2.4.0 through 2.4.4 allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and server crash) or possibly execute arbitrary code via an invalid RefDB object.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MongoDB ‘conn’Mongo 对象远程代码执行漏洞
Vulnerability Description
MongoDB是美国MongoDB公司的一套开源的NoSQL数据库。该数据库提供面向集合的存储、动态查询、数据复制及自动故障转移等功能。 MongoDB 2.4.0至2.4.4版本中的scripting/engine_v8.h文件中的find属性中存在拒绝服务漏洞。远程经过授权的攻击者可借助无效的RefDB对象利用该漏洞造成拒绝服务(未初始化指针引用和服务器崩溃)或可能执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A