[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2018-20346Date: (C)2018-12-27   (M)2024-02-22


SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 8.1CVSS Score : 6.8
Exploit Score: 2.2Exploit Score: 8.6
Impact Score: 5.9Impact Score: 6.4
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: NETWORKAccess Vector: NETWORK
Attack Complexity: HIGHAccess Complexity: MEDIUM
Privileges Required: NONEAuthentication: NONE
User Interaction: NONEConfidentiality: PARTIAL
Scope: UNCHANGEDIntegrity: PARTIAL
Confidentiality: HIGHAvailability: PARTIAL
Integrity: HIGH 
Availability: HIGH 
  
Reference:
BID-106323
FEDORA-2019-49f80a78bc
FreeBSD-EN-19:03
GLSA-201904-21
N/A
USN-4019-1
USN-4019-2
https://lists.debian.org/debian-lts-announce/2018/12/msg00012.html
https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html
https://access.redhat.com/articles/3758321
https://blade.tencent.com/magellan/index_en.html
https://bugzilla.redhat.com/show_bug.cgi?id=1659379
https://bugzilla.redhat.com/show_bug.cgi?id=1659677
https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html
https://chromium.googlesource.com/chromium/src/+/c368e30ae55600a1c3c9cb1710a54f9c55de786e
https://crbug.com/900910
https://github.com/zhuowei/worthdoingbadly.com/blob/master/_posts/2018-12-14-sqlitebug.html
https://kc.mcafee.com/corporate/index?page=content&id=SB10365
https://news.ycombinator.com/item?id=18685296
https://sqlite.org/src/info/940f2adc8541a838
https://sqlite.org/src/info/d44318f59044162e
https://support.apple.com/HT209443
https://support.apple.com/HT209446
https://support.apple.com/HT209447
https://support.apple.com/HT209448
https://support.apple.com/HT209450
https://support.apple.com/HT209451
https://worthdoingbadly.com/sqlitebug/
https://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg113218.html
https://www.sqlite.org/releaselog/3_25_3.html
https://www.synology.com/security/advisory/Synology_SA_18_61
openSUSE-SU-2019:1159
openSUSE-SU-2019:1222

CPE    4
cpe:/o:debian:debian_linux:8.0
cpe:/a:google:chrome
cpe:/a:sqlite:sqlite
cpe:/o:redhat:linux:6.0
...
CWE    1
CWE-190
OVAL    19
oval:org.secpod.oval:def:50303
oval:org.secpod.oval:def:50316
oval:org.secpod.oval:def:89003115
oval:org.secpod.oval:def:89003370
...

© SecPod Technologies