Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2012-5649

Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1 allows remote attackers to execute arbitrary code via a JSONP callback, related to Adobe Flash.

Related bugs and status

CVE-2012-5649 (Candidate) is related to these bugs:

Bug #1212481: [FFE] CouchDB 1.4.0 needed to work with Erlang 16.b.1

Summary				In	Importance	Status
	1212481	[FFE] CouchDB 1.4.0 needed to work with Erlang 16.b.1		couchdb (Ubuntu)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

BUGTRAQ: 20130114 CVE-2012-5649...
FEDORA: FEDORA-2013-1375
FEDORA: FEDORA-2013-1387
MANDRIVA: MDVSA-2013:067
BID: 57314
SECUNIA: 51765