|
Description: | | An exploitable out-of-bounds indexing vulnerability exists within the RW fabric message particle type of Aerospike Database Server 3.10.0.3. The vulnerability is due to improper handling of a fabric message containing a request to write a record element with malicious type value. |
|
Impact: | | A specially crafted packet can cause the server to fetch a function table outside the bounds of an array resulting in remote code execution. An attacker can simply connect to the port to trigger this vulnerability. |
|
Affected OS: | | Solaris, Other Unix, FreeBSD, Linux |
|
Reference: | | CVE-2016-9053
|
|