CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-9051

An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds write resulting in memory corruption which can lead to remote code execution. An attacker can simply connect to the port to trigger this vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.042

EPSS Ranking 88.3%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

http://www.securityfocus.com/bid/96374
http://www.talosintelligence.com/reports/TALOS-2016-0265/
http://www.securityfocus.com/bid/96374
http://www.talosintelligence.com/reports/TALOS-2016-0265/

Products affected by CVE-2016-9051

Aerospike » Database Server » Version: 3.10.0.3

cpe:2.3:a:aerospike:database_server:3.10.0.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-9051

Products

Pricing

Contact Us