ID CVE-2017-15286
Summary SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where `sqlite3_step(pStmt)==SQLITE_ROW` is false and a data structure is never initialized.
References
Vulnerable Configurations
  • cpe:2.3:a:sqlite:sqlite:3.20.1
    cpe:2.3:a:sqlite:sqlite:3.20.1
CVSS
Base: 5.0
Impact:
Exploitability:
CWE CWE-476
CAPEC
refmap via4
bid 101285
misc https://github.com/Ha0Team/crash-of-sqlite3/blob/master/poc.md
Last major update 12-10-2017 - 04:29
Published 12-10-2017 - 04:29
Last modified 27-10-2017 - 10:18
Back to Top