ID CVE-2019-19880
Summary exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.
References
Vulnerable Configurations
  • cpe:2.3:a:sqlite:sqlite:3.30.1:*:*:*:*:*:*:*
    cpe:2.3:a:sqlite:sqlite:3.30.1:*:*:*:*:*:*:*
CVSS
Base: 5.0
Impact:
Exploitability:
CWE CWE-476
CAPEC
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
Last major update 18-12-2019 - 06:15
Published 18-12-2019 - 06:15
Last modified 14-01-2020 - 11:15
Back to Top