Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1 allows remote attackers to execute arbitrary code via a JSONP callback, related to Adobe Flash.Referenceshttp://www.securityfocus.com/bid/57314http://secunia.com/advisories/51765http://archives.neohapsis.com/archives/bugtraq/2013-01/0057.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2013-February/098092.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2013-February/098089.htmlhttp://www.mandriva.com/security/advisories?name=MDVSA-2013:067
