Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-3415

Опубликовано: 24 апр. 2015
Источник: debian
EPSS Низкий

Описание

The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
sqlite3fixed3.8.9-1package
sqlite3not-affectedwheezypackage
sqlite3not-affectedsqueezepackage
sqlitenot-affectedpackage

Примечания

  • https://www.sqlite.org/src/info/02e3c88fbf6abdcf

  • http://seclists.org/bugtraq/2015/Apr/97

EPSS

Процентиль: 87%
0.03384
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2015-3415

ubuntu
больше 10 лет назад

The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement.

redhat логотип

CVE-2015-3415

redhat
больше 10 лет назад

The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement.

nvd логотип

CVE-2015-3415

nvd
больше 10 лет назад

The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement.

github логотип

GHSA-p88q-qx6q-mhv3

github
больше 3 лет назад

The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement.

oracle-oval логотип

ELSA-2015-1635

oracle-oval
около 10 лет назад

ELSA-2015-1635: sqlite security update (MODERATE)

EPSS

Процентиль: 87%
0.03384
Низкий