CVE-2016-9050

Summary

An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds read resulting in disclosure of memory within the process, the same vulnerability can also be used to trigger a denial of service. An attacker can simply connect to the port and send the packet to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
AerospikeDatabase Server3.10.0.3affected

Weaknesses

  • out-of-bounds read

ADP Enrichment

CVE Program Container

Additional References

References