DescriptionThe default configuration for MongoDB before 2.3.2 does not validate objects, which allows remote authenticated users to cause a denial of service (crash) or read system memory via a crafted BSON object in the column name in an insert command, which triggers a buffer over-read.
Overall state of this security issue: Does not affect SUSE products
This issue is currently not rated by SUSE as it is not affecting the SUSE Enterprise products.
|National Vulnerability Database|
SUSE Timeline for this CVECVE page created: Wed Jan 8 08:17:53 2014
CVE page last modified: Fri Oct 7 12:46:22 2022