|CVSS SCORE||6.9, (AV:L/AC:M/Au:N/C:C/I:C/A:C)|
The specific flaw exists within the dtrace implementation in SmartOS. A method within this implementation allows for an arbitrary write to occur from an out of bounds indexing issue which results in code execution. This allows an attacker to elevate privileges to escape a zone and achieve privileged execution on the headnode.
Joyent has issued an update to correct this vulnerability. More details can be found at: