Red Hat Bugzilla – Bug 985499
Last modified: 2014-05-03 01:47:29 EDT
Similar to CVE-2013-1892, it was reported  that MongoDB suffers from remote code execution This flaw requires read-write access to the MongoDB database to execute arbitrary code; however it looks as though read-only access could be used to cause the database to crash.
CVE request is here:
At least 2.2.3 through to and including 2.4.4 are vulnerable. Upstream has indicated that they are currently working on a fix.
The CVE identifier of CVE-2013-4142 has been assigned to this issue:
This was improperly assigned CVE-2013-4142, it should be CVE-2013-3969 instead as per http://www.openwall.com/lists/oss-security/2013/07/30/10