Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
CVE-2012-5649 Apache CouchDB JSONP arbitrary code execution with Adobe Flash
Jan 14 2013 10:05AM
Jan Lehnardt (jan apache org)
JSONP arbitrary code execution with Adobe Flash
Vendor: The Apache Software Foundation
JSONP is supported but disabled by default in all currently supported
releases of Apache CouchDB. Administrator access is required to enable it.
[ more ]
Copyright 2010, SecurityFocus