Required CVE Record Information
Description
SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE"""""""" at the end of a SELECT statement.
References 15 Total
- rhn.redhat.com: RHSA-2015:1635 vendor-advisory
- securitytracker.com: 1033703 vdb-entry
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- securityfocus.com: 74228 vdb-entry
- lists.apple.com: APPLE-SA-2015-09-30-3 vendor-advisory
- security.gentoo.org: GLSA-201507-05 vendor-advisory
- ubuntu.com: USN-2698-1 vendor-advisory
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- https://support.apple.com/HT205267
- lists.apple.com: APPLE-SA-2015-09-21-1 vendor-advisory
- https://www.sqlite.org/src/info/eddc05e7bb31fae74daa86e0504a3478b99fa0f2
- mandriva.com: MDVSA-2015:217 vendor-advisory
- https://support.apple.com/HT205213
- debian.org: DSA-3252 vendor-advisory
- seclists.org: 20150414 several issues in SQLite (+ catching up on several other bugs) mailing-list
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 15 Total
- rhn.redhat.com: RHSA-2015:1635 vendor-advisoryx_transferred
- securitytracker.com: 1033703 vdb-entryx_transferred
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html x_transferred
- securityfocus.com: 74228 vdb-entryx_transferred
- lists.apple.com: APPLE-SA-2015-09-30-3 vendor-advisoryx_transferred
- security.gentoo.org: GLSA-201507-05 vendor-advisoryx_transferred
- ubuntu.com: USN-2698-1 vendor-advisoryx_transferred
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html x_transferred
- https://support.apple.com/HT205267 x_transferred
- lists.apple.com: APPLE-SA-2015-09-21-1 vendor-advisoryx_transferred
- https://www.sqlite.org/src/info/eddc05e7bb31fae74daa86e0504a3478b99fa0f2 x_transferred
- mandriva.com: MDVSA-2015:217 vendor-advisoryx_transferred
- https://support.apple.com/HT205213 x_transferred
- debian.org: DSA-3252 vendor-advisoryx_transferred
- seclists.org: 20150414 several issues in SQLite (+ catching up on several other bugs) mailing-listx_transferred