CRITICAL🇵🇱 Wersja polska

CVE-2016-8705

CVSS 9.8v3.0pub. 2017-01-06upd. 2026-05-06

Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Memcached

    APP
    Memcached
    ≤ 1.4.31
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2023-46853CRITICAL9.8ten sam produkt

In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is ...

CVE-2016-8704CRITICAL9.8ten sam produkt

An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processi...

CVE-2026-47783HIGH8.1ten sam produkt

In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel ...

CVE-2026-47784HIGH8.1ten sam produkt

In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel ...

CVE-2023-46852HIGH7.5ten sam produkt

In Memcached before 1.6.22, a buffer overflow exists when processing multiget requests in proxy mode, if there...