Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-9037

Опубликовано: 23 дек. 2016
Источник: ubuntu
Приоритет: medium
CVSS2: 7.8
CVSS3: 7.5

Описание

An exploitable out-of-bounds array access vulnerability exists in the xrow_header_decode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the specified key's value. This can lead to an out of bounds read within the context of the server. An attacker who exploits this vulnerability can cause a denial of service vulnerability on the server.

РелизСтатусПримечание
artful

not-affected

1.7.2.385.g952d79e-1
bionic

DNE

cosmic

not-affected

1.7.2.385.g952d79e-1
devel

DNE

disco

not-affected

1.7.2.385.g952d79e-1
eoan

not-affected

1.7.2.385.g952d79e-1
esm-apps/focal

not-affected

1.7.2.385.g952d79e-1
esm-apps/jammy

not-affected

1.7.2.385.g952d79e-1
esm-apps/noble

not-affected

1.7.2.385.g952d79e-1
esm-apps/xenial

needed

Показывать по

Ссылки на источники

7.8 High

CVSS2

7.5 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2016-9037

CVSS3: 7.5
nvd
около 9 лет назад

An exploitable out-of-bounds array access vulnerability exists in the xrow_header_decode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the specified key's value. This can lead to an out of bounds read within the context of the server. An attacker who exploits this vulnerability can cause a denial of service vulnerability on the server.

debian логотип

CVE-2016-9037

CVSS3: 7.5
debian
около 9 лет назад

An exploitable out-of-bounds array access vulnerability exists in the ...

github логотип

GHSA-84pj-3xv4-7g42

CVSS3: 7.5
github
больше 3 лет назад

An exploitable out-of-bounds array access vulnerability exists in the xrow_header_decode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the specified key's value. This can lead to an out of bounds read within the context of the server. An attacker who exploits this vulnerability can cause a denial of service vulnerability on the server.

7.8 High

CVSS2

7.5 High

CVSS3