Description

MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers to cause a denial of service via a crafted UTF-8 string in a BSON request.

Remediation

References

CVE-2015-1609

Related Vulnerabilities

MySQL CVE-2024-21130 Vulnerability (CVE-2024-21130)

WordPress Plugin wp Dreamwork Gallery 'upload.php' Arbitrary File Upload (2.1)

phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4040)

Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-24408)

Oracle Database Server CVE-2009-1997 Vulnerability (CVE-2009-1997)

Severity

Medium

Classification

CVE-2015-1609 CWE-20

Tags

Missing Update Known Vulnerabilities