Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-2513

Опубликовано: 22 мая 2017
Источник: debian

Описание

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. A use-after-free vulnerability allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted SQL statement.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
sqlite3fixed3.15.2-1package
sqlite3not-affectedjessiepackage
sqlite3not-affectedwheezypackage
sqlitenot-affectedpackage

Примечания

  • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=171

  • https://clusterfuzz-external.appspot.com/testcase?key=5770842466156544

  • Fixed by: https://www.sqlite.org/src/info/c5dbc599b910c02a

Связанные уязвимости

ubuntu логотип

CVE-2017-2513

CVSS3: 9.8
ubuntu
больше 8 лет назад

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. A use-after-free vulnerability allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted SQL statement.

nvd логотип

CVE-2017-2513

CVSS3: 9.8
nvd
больше 8 лет назад

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. A use-after-free vulnerability allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted SQL statement.

github логотип

GHSA-2pr2-cxfq-398w

CVSS3: 9.8
github
больше 3 лет назад

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. A use-after-free vulnerability allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted SQL statement.

fstec логотип

BDU:2017-01382

fstec
больше 8 лет назад

Уязвимость компонента SQLite операционных систем Mac OS X и iOS, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код