← Retour aux CVEs
CVE-2016-9051
CRITICAL9.8
Description
An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds write resulting in memory corruption which can lead to remote code execution. An attacker can simply connect to the port to trigger this vulnerability.
Details CVE
Score CVSS v3.19.8
SeveriteCRITICAL
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie2/21/2017
Derniere modification4/20/2025
Sourcenvd
Observations honeypot0
Produits affectes
aerospike:database_server
Faiblesses (CWE)
CWE-787
References
http://www.securityfocus.com/bid/96374(talos-cna@cisco.com)
http://www.talosintelligence.com/reports/TALOS-2016-0265/(talos-cna@cisco.com)
http://www.securityfocus.com/bid/96374(af854a3a-2127-422b-91ae-364da2661108)
http://www.talosintelligence.com/reports/TALOS-2016-0265/(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.