Description

MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers to cause a denial of service via a crafted UTF-8 string in a BSON request.

Remediation

References

CVE-2015-1609

Related Vulnerabilities

Dolibarr Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-17898)

WordPress Plugin AnyComment Cross-Site Scripting (0.0.32)

WordPress Plugin Subscriber by BestWebSoft Cross-Site Scripting (1.3.4)

Python Uncontrolled Search Path Element Vulnerability (CVE-2020-15523)

WordPress Plugin WordPress Filter Gallery Security Bypass (0.0.6)

Severity

Medium

Classification

CVE-2015-1609 CWE-20

Tags

Missing Update Known Vulnerabilities