SQLite is vulnerable to integer overflow. An attacker may supply a crafted changes to FTS3 shadow tables, allowing execution arbitrary code by leveraging the ability to run arbitrary SQL statements.
CPE | Name | Operator | Version |
---|---|---|---|
sqlite3:stretch | eq | 3.16.2-5+deb9u1 | |
sqlite | le | 3.13.0 |
lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html
seclists.org/fulldisclosure/2019/Jan/62
seclists.org/fulldisclosure/2019/Jan/64
seclists.org/fulldisclosure/2019/Jan/66
seclists.org/fulldisclosure/2019/Jan/67
seclists.org/fulldisclosure/2019/Jan/68
seclists.org/fulldisclosure/2019/Jan/69
www.securityfocus.com/bid/106698
kc.mcafee.com/corporate/index?page=content&id=SB10365
lists.debian.org/debian-lts-announce/2020/08/msg00037.html
seclists.org/bugtraq/2019/Jan/28
seclists.org/bugtraq/2019/Jan/29
seclists.org/bugtraq/2019/Jan/31
seclists.org/bugtraq/2019/Jan/32
seclists.org/bugtraq/2019/Jan/33
seclists.org/bugtraq/2019/Jan/39
security-tracker.debian.org/tracker/CVE-2018-20506
security.netapp.com/advisory/ntap-20190502-0004/
sqlite.org/src/info/940f2adc8541a838
support.apple.com/kb/HT209443
support.apple.com/kb/HT209446
support.apple.com/kb/HT209447
support.apple.com/kb/HT209448
support.apple.com/kb/HT209450
support.apple.com/kb/HT209451
usn.ubuntu.com/4019-1/
usn.ubuntu.com/4019-2/
www.oracle.com/security-alerts/cpuapr2020.html