couchdb-dev mailing list archives

From Jan Lehnardt <...@apache.org>
Subject Fwd: CVE-2012-5649 Apache CouchDB JSONP arbitrary code execution with Adobe Flash
Date Mon, 14 Jan 2013 10:32:51 GMT


Begin forwarded message:

> From: Jan Lehnardt <jan@apache.org>
> Subject: CVE-2012-5649 Apache CouchDB JSONP arbitrary code execution with Adobe Flash
> Date: January 14, 2013 11:05:56 GMT+01:00
> To: "user@couchdb.apache.org" <user@couchdb.apache.org>, "security@couchdb.apache.org"
> <security@couchdb.apache.org>, "security@apache.org" <security@apache.org>, full-disclosure@lists.grok.org.uk,
> bugtraq@securityfocus.com
> Reply-To: user@couchdb.apache.org
> Reply-To: "security@couchdb.apache.org" <security@couchdb.apache.org>
> 
> CVE-2012-5649
> 
> JSONP arbitrary code execution with Adobe Flash
> 
> Severity: Moderate
> 
> Vendor: The Apache Software Foundation
> 
> Affected Versions:
> JSONP is supported but disabled by default in all currently supported
> releases of Apache CouchDB. Administrator access is required to enable it.
> Releases up to and including 1.0.3, 1.1.1, and 1.2.0 are vulnerable, if
> administrators have enabled JSONP.
> 
> Description:
> A hand-crafted JSONP callback and response can be used to run
> arbitrary code inside client-side browsers via Adobe Flash.
> 
> Mitigation:
> Upgrade to a supported release that includes this fix, such as
> CouchDB 1.0.4, 1.1.2, 1.2.1, and the future 1.3.x series, all of which
> include a specific fix.
> 
> Work-Around:
> Disable JSONP.
> 
> Jan Lehnardt
> -- 
> 

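An added example (not CouchDB's code and not the fix the advisory refers to) of the server-side check that closes this class of JSONP issue: the callback is accepted only when it is a plain dotted JavaScript identifier, JSONP stays off unless an administrator enabled it, and the script response is prefixed so its first bytes are never chosen by the caller. Function names, the length limit and the `/**/` prefix are assumptions made for this example.

```python
import json
import re
from typing import Optional

# Strict JSONP callback grammar: dotted JavaScript identifiers only
# (e.g. "cb", "app.handlers.cb"). Whitespace, parentheses, quotes or
# non-printable bytes never reach the response body.
_CALLBACK_RE = re.compile(
    r"^[A-Za-z_$][A-Za-z0-9_$]*(?:\.[A-Za-z_$][A-Za-z0-9_$]*)*$")
_MAX_CALLBACK_LEN = 64  # assumed limit; longer names have no legitimate use


def validate_callback(name: str) -> bool:
    """True only if `name` is a dotted identifier of sane length."""
    return (len(name) <= _MAX_CALLBACK_LEN
            and _CALLBACK_RE.fullmatch(name) is not None)


def build_jsonp_response(callback: Optional[str], payload: dict,
                         jsonp_enabled: bool = False):
    """Return (status, headers, body) for a request that may ask for JSONP.

    JSONP is off unless explicitly enabled (the advisory's default); a
    callback that fails validation yields 400 and no wrapped payload.
    """
    json_body = json.dumps(payload)
    if callback is None or not jsonp_enabled:
        return 200, {"Content-Type": "application/json"}, json_body
    if not validate_callback(callback):
        error = json.dumps({"error": "bad_request",
                            "reason": "invalid JSONP callback"})
        return 400, {"Content-Type": "application/json"}, error
    # The leading comment means the response never starts with caller-chosen
    # bytes (an identifier such as "CWS" would otherwise pass validation),
    # and nosniff stops browsers guessing a non-script type. Both are general
    # hardening assumed here, not the project's own fix.
    body = "/**/" + callback + "(" + json_body + ");"
    headers = {"Content-Type": "application/javascript",
               "X-Content-Type-Options": "nosniff"}
    return 200, headers, body
```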
