Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM60F9C5A6A14BE367913B58DF580EE50C6C7E3396500C99E5420F6C7942C1CCBD
HistoryJun 16, 2018 - 9:39 p.m.

Security Bulletin: A vulnerability in SQLite affects IBM Security Network Protection (CVE-2015-3416)

2018-06-1621:39:11
www.ibm.com
18

0.005 Low

EPSS

Percentile

76.8%

JSON

Summary

A security vulnerability has been discovered in SQLite used with IBM Security Network Protection.

Vulnerability Details

CVEID: CVE-2015-3416**
DESCRIPTION:** SQLite is vulnerable to a denial of service, caused by the failure to properly handle precision and width values during floating-point conversions by the sqlite3VXPrintf function in printf.c. A remote attacker could exploit this vulnerability using large integers in a crafted printf function call to cause a denial of service and possibly have other unspecified impact.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/102594 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Affected Products and Versions

IBM Security Network Protection 5.3.1
IBM Security Network Protection 5.3.2

Remediation/Fixes

Product

| VRMF| Remediation/First Fix
—|—|—
IBM Security Network Protection| Firmware version 5.3.1| Download Firmware 5.3.1.8 from IBM Security License Key and Download Center and upload and install via the Available Updates page of the Local Management Interface.
IBM Security Network Protection| Firmware version 5.3.2| Install Firmware 5.3.2.2 from the Available Updates page of the Local Management Interface, or by performing a One Time Scheduled Installation from SiteProtector.

Workarounds and Mitigations

None

Related

oraclelinux 2
nessus 32
debian 2
ibm 5
ubuntucve 2
openvas 19
redhat 2
cve 1
centos 2
prion 1
nvd 1
f5 2
debiancve 1
cvelist 1
veracode 1
osv 2
freebsd 1
amazon 4
securityvulns 4
gentoo 1
kaspersky 1
ubuntu 1
mageia 1
openwrt 1
slackware 1
apple 4
oracle 1
oraclelinux
oraclelinux
sqlite security update
2015-08-17 00:00:00
sqlite security update
2015-08-17 00:00:00
nessus
nessus
Oracle Linux 6 : sqlite (ELSA-2015-1634)
2015-08-18 00:00:00
CentOS 6 : sqlite (CESA-2015:1634)
2015-08-18 00:00:00
RHEL 6 : sqlite (RHSA-2015:1634)
2015-08-18 00:00:00
debian
debian
[SECURITY] [DSA 3252-2] sqlite3 security update
2015-06-14 15:09:43
[SECURITY] [DSA 3252-1] sqlite3 security update
2015-05-06 20:22:58
ibm
ibm
Security Bulletin: A vulnerability in SQLite affects IBM Security Access Manager for Mobile (CVE-2015-3416)
2018-06-16 21:41:16
Security Bulletin: A vulnerability in SQLite affects IBM Security Access Manager for Web (CVE-2015-3416)
2018-06-16 21:41:16
Security Bulletin: Vulnerabilities in Python, rpcbind, SQLite affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance
2018-06-17 22:33:00
ubuntucve
ubuntucve
CVE-2015-3416
2015-04-24 00:00:00
CVE-2015-6607
2015-10-06 00:00:00
openvas
openvas
RedHat Update for sqlite RHSA-2015:1634-01
2015-08-18 00:00:00
Oracle: Security Advisory (ELSA-2015-1634)
2015-10-06 00:00:00
CentOS Update for lemon CESA-2015:1634 centos6
2015-08-18 00:00:00
redhat
redhat
(RHSA-2015:1634) Moderate: sqlite security update
2015-08-17 00:00:00
(RHSA-2015:1635) Moderate: sqlite security update
2015-08-17 00:00:00
cve
cve
CVE-2015-3416
2015-04-24 17:59:02
centos
centos
lemon, sqlite security update
2015-08-17 15:33:32
lemon, sqlite security update
2015-08-17 16:54:44
prion
prion
Integer overflow
2015-04-24 17:59:00
nvd
nvd
CVE-2015-3416
2015-04-24 17:59:02
f5
f5
SOL16950 - SQLite vulnerability CVE-2015-3416
2015-07-10 00:00:00
K16950 : SQLite vulnerability CVE-2015-3416
2015-07-10 00:00:00
debiancve
debiancve
CVE-2015-3416
2015-04-24 17:59:02
cvelist
cvelist
CVE-2015-3416
2015-04-24 17:00:00
veracode
veracode
Arbitrary Code Execution
2020-09-21 06:25:35
osv
osv
sqlite3 - security update
2015-05-06 00:00:00
sqlite3 - security update
2015-05-06 00:00:00
freebsd
freebsd
sqlite -- multiple vulnerabilities
2015-04-14 00:00:00
amazon
amazon
Medium: sqlite
2015-09-02 12:00:00
Medium: php54
2015-07-07 12:39:00
Medium: php56
2015-07-07 12:40:00
securityvulns
securityvulns
SQLite multiple security vulnerabilities
2015-05-05 00:00:00
[ MDVSA-2015:217 ] sqlite3
2015-05-05 00:00:00
APPLE-SA-2015-09-30-3 OS X El Capitan 10.11
2015-10-05 00:00:00
gentoo
gentoo
SQLite: Multiple vulnerabilities
2015-07-07 00:00:00
kaspersky
kaspersky
KLA10565 Denial of service vulnerabilities in SQLite
2015-04-24 00:00:00
ubuntu
ubuntu
SQLite vulnerabilities
2015-07-30 00:00:00
mageia
mageia
Updated Firefox, Thunderbird & sqlite3 packages fix security vulnerabilities
2015-05-18 22:08:05
openwrt
openwrt
php: Security update (7 CVEs)
2016-01-28 12:23:45
slackware
slackware
[slackware-security] php
2015-07-17 20:25:21
apple
apple
About the security content of iTunes 12.6
2017-03-21 00:00:00
About the security content of iTunes 12.6 - Apple Support
2017-03-22 07:40:40
About the security content of iTunes 12.6 for Windows
2017-03-21 00:00:00
oracle
oracle
CPU July 2018
2018-07-17 00:00:00

0.005 Low

EPSS

Percentile

76.8%

JSON
Related for 60F9C5A6A14BE367913B58DF580EE50C6C7E3396500C99E5420F6C7942C1CCBD
oraclelinux2nessus32debian2ibm5ubuntucve2openvas19redhat2cve1centos2prion1nvd1f52debiancve1cvelist1veracode1osv2freebsd1amazon4securityvulns4gentoo1kaspersky1ubuntu1mageia1openwrt1slackware1apple4oracle1