9.8
CVE-2016-9051
- EPSS 6.86%
- Veröffentlicht 21.02.2017 22:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
- Quelle talos-cna@cisco.com
- CVE-Watchlists
- Unerledigt
LoginAn exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds write resulting in memory corruption which can lead to remote code execution. An attacker can simply connect to the port to trigger this vulnerability.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Aerospike ≫ Database Server Version3.10.0.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 6.86% | 0.932 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
| talos-cna@cisco.com | 9.8 | 3.9 | 5.9 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.
http://www.securityfocus.com/bid/96374
http://www.talosintelligence.com/reports/TALOS-2016-0265/