FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

sqlite -- multiple vulnerabilities

Affected packages
sqlite3 < 3.8.9

Details

VuXML ID dec3164f-3121-45ef-af18-bb113ac5082f
Discovery 2015-04-14
Entry 2015-04-18
Modified 2015-05-08

NVD reports:

SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE"""""""" at the end of a SELECT statement.

The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement.

The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.

References

CVE Name CVE-2015-3414
CVE Name CVE-2015-3415
CVE Name CVE-2015-3416
Message http://seclists.org/fulldisclosure/2015/Apr/31
URL https://www.sqlite.org/src/info/02e3c88fbf6abdcf
URL https://www.sqlite.org/src/info/c494171f77dc2e5e
URL https://www.sqlite.org/src/info/eddc05e7bb31fae7