NVD

Id
22256  
Name
CVE-2016-9033  
Description
An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with native file systems. An attacker can craft an input that can cause a buffer overflow in the path variable leading to an out of bounds memory access and could result in potential privilege escalation. This vulnerability is distinct from CVE-2016-9035.  
Reject
 
CVSS Version
2  
CVSS Score
6.9  
Severity
Medium  
CVSS Base Score
6.9  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
3.4  
CVSS Vector
(AV:L/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2016-12-14  
Modified Date
2016-12-22  
Seq
2016-9033  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
118496 22256 CVE-2016-9033 94928  View
118497 22256 CVE-2016-9033 http://www.talosintelligence.com/reports/TALOS-2016-0251/  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
64551 JVNDB-2016-006326 Joyent SmartOS の Hyprlofs ファイルシステムにおけるバッファオーバーフローの脆弱性 Joyent SmartOS の Hyprlofs ファイルシステムの Ioctl システムコールの HYPRLOFS_ADD_ENTRIES コマンドには、ネイティブファイルシステムの処理の際に、バッファオーバーフローの脆弱性が存在します。 CVE-2016-9033 95540 CVE-2016-9033 22256 6.9 7 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-006326.html 2016-12-12 2016-12-21 View