CVE-2018-20506 -- sqlite3ID: oval:org.secpod.oval:def:1902123 | Date: (C)2019-06-18 (M)2023-12-20 |
Class: VULNERABILITY | Family: unix |
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements . This is a different vulnerability than CVE-2018-20346.
Platform: |
Ubuntu 16.04 |
Ubuntu 18.04 |