CVE-2015-3416

by Fred · 24/04/2015

The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.

Date published : 2015-04-24

http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html

http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html

CVE-2015-3416

Similar

Recent Posts

Categories

CVE-2015-3416

Share this:

Similar

Recent Posts

Categories

Tags