Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-2520

Опубликовано: 22 мая 2017
Источник: debian
EPSS Средний

Описание

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted SQL statement.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
sqlite3fixed3.16.2-1package
sqlite3not-affectedwheezypackage
sqlitenot-affectedpackage

Примечания

  • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=384

  • https://clusterfuzz-external.appspot.com/testcase?key=5694101458518016

  • Fixed by: https://www.sqlite.org/src/info/2dc7eeb5b4d2eaf1

EPSS

Процентиль: 93%
0.1061
Средний

Связанные уязвимости

ubuntu логотип

CVE-2017-2520

CVSS3: 9.8
ubuntu
больше 8 лет назад

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted SQL statement.

nvd логотип

CVE-2017-2520

CVSS3: 9.8
nvd
больше 8 лет назад

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted SQL statement.

github логотип

GHSA-wj7x-vfpp-jppw

CVSS3: 9.8
github
больше 3 лет назад

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted SQL statement.

fstec логотип

BDU:2017-01380

fstec
больше 8 лет назад

Уязвимость компонента SQLite операционных систем Mac OS X и iOS, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код

EPSS

Процентиль: 93%
0.1061
Средний