CVE-2015-3414

by Fred · 24/04/2015

SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE"""""""" at the end of a SELECT statement.

Date published : 2015-04-24

http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html

http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html

CVE-2015-3414

Similar

Recent Posts

Categories

CVE-2015-3414

Share this:

Similar

Recent Posts

Categories

Tags