CVE-2012-5649

Currently unrated

Key Information:

Vendor: Apache
Status: Couchdb
Vendor: CVE Published:; 23 May 2014

Summary

Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1 allows remote attackers to execute arbitrary code via a JSONP callback, related to Adobe Flash.

References

http://www.securityfocus.com/bid/57314

vdb-entryx_refsource_BID

http://secunia.com/advisories/51765

third-party-advisoryx_refsource_SECUNIA

http://archives.neohapsis.com/archives/bugtraq/2013-01/00...

mailing-listx_refsource_BUGTRAQ

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 23, 2014
Vulnerability Reserved
Oct 24, 2012