Published: 24/04/2015 Updated: 16/08/2022

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

The sqlite3VXPrintf function in printf.c in SQLite prior to 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent malicious users to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.

Vulnerable Product	Search on Vulmon	Subscribe to Product
canonical ubuntu linux 12.04
canonical ubuntu linux 14.04
canonical ubuntu linux 15.04
sqlite sqlite
debian debian linux 8.0
apple mac os x
apple watchos
php php

Debian Bug report logs - #783968 sqlite3: CVE-2015-3414 CVE-2015-3415 CVE-2015-3416 Package: src:sqlite3; Maintainer for src:sqlite3 is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 1 May 2015 17:54:01 UTC Severity: important Tags: fixed-upstream, securit ...

SQLite could be made to crash or run programs if it processed specially crafted queries ...

Michal Zalewski discovered multiple vulnerabilities in SQLite, which may result in denial of service or the execution of arbitrary code For the stable distribution (jessie), these problems have been fixed in version 3871-1+deb8u1 For the testing distribution (stretch), these problems have been fixed in version 389-1 For the unstable distrib ...

A flaw was found in the way SQLite handled dequoting of collation-sequence names A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts (CVE-2015-3414) It was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators A local a ...

It was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts ...

CWE-190 http://www.sqlite.org/src/info/c494171f77dc2e5e04cb6d865e688448f04e5920 http://seclists.org/fulldisclosure/2015/Apr/31 http://www.debian.org/security/2015/dsa-3252 http://www.mandriva.com/security/advisories?name=MDVSA-2015:217 http://www.ubuntu.com/usn/USN-2698-1 https://support.apple.com/HT205267 http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html https://support.apple.com/HT205213 http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securitytracker.com/id/1033703 https://security.gentoo.org/glsa/201507-05 http://rhn.redhat.com/errata/RHSA-2015-1635.html http://rhn.redhat.com/errata/RHSA-2015-1634.html http://www.securityfocus.com/bid/74228 http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783968 https://usn.ubuntu.com/2698-1/https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2015-3416

CVE-2015-3416

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect