cvelistv5 - cve-2013-7443

CVE-2013-7443 (GCVE-0-2013-7443)

Vulnerability from cvelistv5

Published

2015-08-12 14:00

Modified

2024-08-06 18:09

Severity ?

CWE

Summary

Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements.

References

URL

Tags

security@ubuntu.com	http://ubuntu.com/usn/usn-2698-1
security@ubuntu.com	http://www.openwall.com/lists/oss-security/2015/07/14/5
security@ubuntu.com	http://www.openwall.com/lists/oss-security/2015/07/15/4
security@ubuntu.com	http://www.securityfocus.com/bid/76089
security@ubuntu.com	https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1448758
security@ubuntu.com	https://www.sqlite.org/src/info/520070ec7fbaac73eda0e0123596b7bb3e9a6897	Exploit, Vendor Advisory
security@ubuntu.com	https://www.sqlite.org/src/info/ac5852d6403c9c9628ca0aa7be135c702f000698	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://ubuntu.com/usn/usn-2698-1
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2015/07/14/5
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2015/07/15/4
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/76089
af854a3a-2127-422b-91ae-364da2661108	https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1448758
af854a3a-2127-422b-91ae-364da2661108	https://www.sqlite.org/src/info/520070ec7fbaac73eda0e0123596b7bb3e9a6897	Exploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.sqlite.org/src/info/ac5852d6403c9c9628ca0aa7be135c702f000698	Exploit

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:09:16.658Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1448758"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.sqlite.org/src/info/ac5852d6403c9c9628ca0aa7be135c702f000698"
          },
          {
            "name": "76089",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/76089"
          },
          {
            "name": "[oss-security] 20150715 Re: CVE Request: SQLite array overrun in the skip-scan optimization",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/07/15/4"
          },
          {
            "name": "[oss-security] 20150714 CVE Request: SQLite array overrun in the skip-scan optimization",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/07/14/5"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.sqlite.org/src/info/520070ec7fbaac73eda0e0123596b7bb3e9a6897"
          },
          {
            "name": "USN-2698-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-2698-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-12-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-25T19:57:01",
        "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "shortName": "canonical"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1448758"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.sqlite.org/src/info/ac5852d6403c9c9628ca0aa7be135c702f000698"
        },
        {
          "name": "76089",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/76089"
        },
        {
          "name": "[oss-security] 20150715 Re: CVE Request: SQLite array overrun in the skip-scan optimization",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/07/15/4"
        },
        {
          "name": "[oss-security] 20150714 CVE Request: SQLite array overrun in the skip-scan optimization",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/07/14/5"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.sqlite.org/src/info/520070ec7fbaac73eda0e0123596b7bb3e9a6897"
        },
        {
          "name": "USN-2698-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-2698-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@ubuntu.com",
          "ID": "CVE-2013-7443",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1448758",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1448758"
            },
            {
              "name": "https://www.sqlite.org/src/info/ac5852d6403c9c9628ca0aa7be135c702f000698",
              "refsource": "CONFIRM",
              "url": "https://www.sqlite.org/src/info/ac5852d6403c9c9628ca0aa7be135c702f000698"
            },
            {
              "name": "76089",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/76089"
            },
            {
              "name": "[oss-security] 20150715 Re: CVE Request: SQLite array overrun in the skip-scan optimization",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/07/15/4"
            },
            {
              "name": "[oss-security] 20150714 CVE Request: SQLite array overrun in the skip-scan optimization",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/07/14/5"
            },
            {
              "name": "https://www.sqlite.org/src/info/520070ec7fbaac73eda0e0123596b7bb3e9a6897",
              "refsource": "CONFIRM",
              "url": "https://www.sqlite.org/src/info/520070ec7fbaac73eda0e0123596b7bb3e9a6897"
            },
            {
              "name": "USN-2698-1",
              "refsource": "UBUNTU",
              "url": "http://ubuntu.com/usn/usn-2698-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
    "assignerShortName": "canonical",
    "cveId": "CVE-2013-7443",
    "datePublished": "2015-08-12T14:00:00",
    "dateReserved": "2015-07-15T00:00:00",
    "dateUpdated": "2024-08-06T18:09:16.658Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-7443\",\"sourceIdentifier\":\"security@ubuntu.com\",\"published\":\"2015-08-12T14:59:00.107\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de buffer en la optimizaci\u00f3n skip-scan en SQLite 3.8.2, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de sentencias SQL manipuladas.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F38D3B7E-8429-473F-BB31-FC3583EE5A5B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sqlite:sqlite:3.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDFE183D-49BD-4C8F-882D-5B0438F251AD\"}]}]}],\"references\":[{\"url\":\"http://ubuntu.com/usn/usn-2698-1\",\"source\":\"security@ubuntu.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/07/14/5\",\"source\":\"security@ubuntu.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/07/15/4\",\"source\":\"security@ubuntu.com\"},{\"url\":\"http://www.securityfocus.com/bid/76089\",\"source\":\"security@ubuntu.com\"},{\"url\":\"https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1448758\",\"source\":\"security@ubuntu.com\"},{\"url\":\"https://www.sqlite.org/src/info/520070ec7fbaac73eda0e0123596b7bb3e9a6897\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://www.sqlite.org/src/info/ac5852d6403c9c9628ca0aa7be135c702f000698\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://ubuntu.com/usn/usn-2698-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/07/14/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/07/15/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/76089\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1448758\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.sqlite.org/src/info/520070ec7fbaac73eda0e0123596b7bb3e9a6897\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://www.sqlite.org/src/info/ac5852d6403c9c9628ca0aa7be135c702f000698\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]}]}}"
  }
}

CERTFR-2020-AVI-645

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Juniper Networks	Junos OS	Junos OS NFX Series versions antérieures à 20.2R1
Juniper Networks	Junos OS	Junos OS versions antérieures à 12.3R12-S16, 12.3X48-D105, 14.1X53-D53, 15.1R7-S8, 15.1X49-D220, 15.1X53-D593, 16.1R7-S8, 16.2R2-S11, 17.1R2-S11, 17.2R3-S4, 17.2X75-D45, 17.3R3-S9, 17.4R2-S12, 17.4R3-S3, 18.1R3-S10, 18.2R2-S7, 18.2R3S6, 18.2X75-D435, 18.3R1-S7, 18.3R2-S4, 18.3R3-S3, 18.4R1-S7, 18.4R2-S5, 18.4R3-S4, 19.1R1-S5, 19.1R2-S2, 19.1R3-S2, 19.2R1-S5, 19.2R2, 19.3R2-S3, 19.3R3, 19.4R1-S3, 19.4R2-S1, 19.4R3, 20.1R1-S2, 20.1R2, 20.2R1
Juniper Networks	Secure Analytics	Juniper Secure Analytics versions antérieures à 7.4.0
Juniper Networks	N/A	Juniper Networks Junos Space et Junos Space Security Director versions antérieures à 20.2R1
Juniper Networks	Junos OS	Junos OS MX series et EX9200 Series versions antérieures à 17.2R3-S4, 17.2X75-D102, 17.2X75-D110, 17.3R3-S8, 17.4R2-S11, 17.4R3-S2, 18.2R2-S7, 18.2R3, 18.2R3-S3, 18.2X75-D30, 18.3R2-S4, 18.3R3-S2
Juniper Networks	Networks Junos OS Evolved	Juniper Networks Junos OS Evolved versions antérieures à 20.1R2-EVO
Juniper Networks	Junos OS	Junos OS NFX150, SRX1500, SRX4100, SRX4200, vSRX versions antérieures à 15.1X49-D220, 17.4R3-S3, 18.1R3-S11, 18.2R3-S5, 18.3R2-S4, 18.3R3-S3, 18.4R2-S5, 18.4R3-S4, 19.1R3-S2, 19.2R1-S5, 19.2R3
Juniper Networks	Junos OS	Junos OS SRX Series versions antérieures à 12.3X48-D90, 15.1X49-D190, 17.4R2-S9, 17.4R3, 18.1R3-S9, 18.2R3, 18.3R1-S7, 18.3R2-S3, 18.3R3, 18.4R1-S6, 18.4R2-S3, 18.4R3, 19.1R1-S4, 19.1R2
Juniper Networks	Junos OS	Junos OS MX Series versions antérieures à 17.3R3-S8, 18.3R3-S1, 18.4R3, 19.1R3, 19.2R2, 19.3R3

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA11055 du 14 octobre 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11050 du 14 octobre 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11079 du 14 octobre 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11053 du 14 octobre 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11059 du 14 octobre 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11049 du 14 octobre 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11046 du 14 octobre 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11048 du 14 octobre 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11057 du 14 octobre 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11054 du 14 octobre 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11062 du 14 octobre 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11056 du 14 octobre 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11045 du 14 octobre 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11058 du 14 octobre 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA11047 du 14 octobre 2020	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Junos OS NFX Series versions ant\u00e9rieures \u00e0 20.2R1",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 12.3R12-S16, 12.3X48-D105, 14.1X53-D53, 15.1R7-S8, 15.1X49-D220, 15.1X53-D593, 16.1R7-S8, 16.2R2-S11, 17.1R2-S11, 17.2R3-S4, 17.2X75-D45, 17.3R3-S9, 17.4R2-S12, 17.4R3-S3, 18.1R3-S10, 18.2R2-S7, 18.2R3S6, 18.2X75-D435, 18.3R1-S7, 18.3R2-S4, 18.3R3-S3, 18.4R1-S7, 18.4R2-S5, 18.4R3-S4, 19.1R1-S5, 19.1R2-S2, 19.1R3-S2, 19.2R1-S5, 19.2R2, 19.3R2-S3, 19.3R3, 19.4R1-S3, 19.4R2-S1, 19.4R3, 20.1R1-S2, 20.1R2, 20.2R1",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Secure Analytics versions ant\u00e9rieures \u00e0 7.4.0",
      "product": {
        "name": "Secure Analytics",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos Space et Junos Space Security Director versions ant\u00e9rieures \u00e0 20.2R1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS MX series et EX9200 Series versions ant\u00e9rieures \u00e0 17.2R3-S4, 17.2X75-D102, 17.2X75-D110, 17.3R3-S8, 17.4R2-S11, 17.4R3-S2, 18.2R2-S7, 18.2R3, 18.2R3-S3, 18.2X75-D30, 18.3R2-S4, 18.3R3-S2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS Evolved versions ant\u00e9rieures \u00e0 20.1R2-EVO",
      "product": {
        "name": "Networks Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS NFX150, SRX1500, SRX4100, SRX4200, vSRX versions ant\u00e9rieures \u00e0 15.1X49-D220, 17.4R3-S3, 18.1R3-S11, 18.2R3-S5, 18.3R2-S4, 18.3R3-S3, 18.4R2-S5, 18.4R3-S4, 19.1R3-S2, 19.2R1-S5, 19.2R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS SRX Series versions ant\u00e9rieures \u00e0 12.3X48-D90, 15.1X49-D190, 17.4R2-S9, 17.4R3, 18.1R3-S9, 18.2R3, 18.3R1-S7, 18.3R2-S3, 18.3R3, 18.4R1-S6, 18.4R2-S3, 18.4R3, 19.1R1-S4, 19.1R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS MX Series versions ant\u00e9rieures \u00e0 17.3R3-S8, 18.3R3-S1, 18.4R3, 19.1R3, 19.2R2, 19.3R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-1661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1661"
    },
    {
      "name": "CVE-2020-7450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7450"
    },
    {
      "name": "CVE-2015-3416",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3416"
    },
    {
      "name": "CVE-2019-15875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15875"
    },
    {
      "name": "CVE-2015-3415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3415"
    },
    {
      "name": "CVE-2019-11478",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11478"
    },
    {
      "name": "CVE-2008-6592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-6592"
    },
    {
      "name": "CVE-2019-9936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9936"
    },
    {
      "name": "CVE-2020-1657",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1657"
    },
    {
      "name": "CVE-2020-1682",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1682"
    },
    {
      "name": "CVE-2019-5599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5599"
    },
    {
      "name": "CVE-2013-7443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-7443"
    },
    {
      "name": "CVE-2018-8740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8740"
    },
    {
      "name": "CVE-2015-6607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6607"
    },
    {
      "name": "CVE-2018-20506",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20506"
    },
    {
      "name": "CVE-2018-20346",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20346"
    },
    {
      "name": "CVE-2015-5895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5895"
    },
    {
      "name": "CVE-2015-3414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3414"
    },
    {
      "name": "CVE-2019-11135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11135"
    },
    {
      "name": "CVE-2020-10188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10188"
    },
    {
      "name": "CVE-2019-8457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8457"
    },
    {
      "name": "CVE-2017-13685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13685"
    },
    {
      "name": "CVE-2019-5018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5018"
    },
    {
      "name": "CVE-2008-6589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-6589"
    },
    {
      "name": "CVE-2020-1656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1656"
    },
    {
      "name": "CVE-2019-11479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11479"
    },
    {
      "name": "CVE-2020-1665",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1665"
    },
    {
      "name": "CVE-2016-6153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6153"
    },
    {
      "name": "CVE-2015-3717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3717"
    },
    {
      "name": "CVE-2019-11477",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11477"
    },
    {
      "name": "CVE-2017-15286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15286"
    },
    {
      "name": "CVE-2020-1660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1660"
    },
    {
      "name": "CVE-2019-6593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6593"
    },
    {
      "name": "CVE-2008-6593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-6593"
    },
    {
      "name": "CVE-2019-16168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16168"
    },
    {
      "name": "CVE-2008-6590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-6590"
    },
    {
      "name": "CVE-2019-5610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5610"
    },
    {
      "name": "CVE-2019-9937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9937"
    },
    {
      "name": "CVE-2017-10989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10989"
    },
    {
      "name": "CVE-2020-1662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1662"
    },
    {
      "name": "CVE-2018-20505",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20505"
    }
  ],
  "initial_release_date": "2020-10-15T00:00:00",
  "last_revision_date": "2020-10-15T00:00:00",
  "links": [],
  "reference": "CERTFR-2020-AVI-645",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-10-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, une ex\u00e9cution de code\narbitraire et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11055 du 14 octobre 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11055\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11050 du 14 octobre 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11050\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11079 du 14 octobre 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11079\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11053 du 14 octobre 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11053\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11059 du 14 octobre 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11059\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11049 du 14 octobre 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11049\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11046 du 14 octobre 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11046\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11048 du 14 octobre 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11048\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11057 du 14 octobre 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11057\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11054 du 14 octobre 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11054\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11062 du 14 octobre 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11062\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11056 du 14 octobre 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11056\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11045 du 14 octobre 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11045\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11058 du 14 octobre 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11058\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11047 du 14 octobre 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11047\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

cnvd-2015-05217

Vulnerability from cnvd

Title

SQLite本地拒绝服务漏洞

Description

SQLite是一套基于C语言的开源嵌入式关系数据库管理系统。 SQLite存在本地绝服务漏洞，攻击者可以利用漏洞导致拒绝服务。

Severity

低

Patch Name

SQLite本地拒绝服务漏洞的补丁

Patch Description

SQLite是一套基于C语言的开源嵌入式关系数据库管理系统。 SQLite存在本地绝服务漏洞，攻击者可以利用漏洞导致拒绝服务。目前，厂商已经发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了安全公告及相关升级补丁,修复了此安全问题,请到厂商主页下载: http://www.sqlite.org/

Reference

http://www.securityfocus.com/bid/76089/

Impacted products

Name
Sqlite Sqlite 3.8.2

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "76089"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2013-7443"
    }
  },
  "description": "SQLite\u662f\u4e00\u5957\u57fa\u4e8eC\u8bed\u8a00\u7684\u5f00\u6e90\u5d4c\u5165\u5f0f\u5173\u7cfb\u6570\u636e\u5e93\u7ba1\u7406\u7cfb\u7edf\u3002 \r\n\r\nSQLite\u5b58\u5728\u672c\u5730\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "SQLite",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u5347\u7ea7\u8865\u4e01,\u4fee\u590d\u4e86\u6b64\u5b89\u5168\u95ee\u9898,\u8bf7\u5230\u5382\u5546\u4e3b\u9875\u4e0b\u8f7d:\r\nhttp://www.sqlite.org/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-05217",
  "openTime": "2015-08-13",
  "patchDescription": "SQLite\u662f\u4e00\u5957\u57fa\u4e8eC\u8bed\u8a00\u7684\u5f00\u6e90\u5d4c\u5165\u5f0f\u5173\u7cfb\u6570\u636e\u5e93\u7ba1\u7406\u7cfb\u7edf\u3002 \r\n\r\nSQLite\u5b58\u5728\u672c\u5730\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "SQLite\u672c\u5730\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Sqlite Sqlite 3.8.2"
  },
  "referenceLink": "http://www.securityfocus.com/bid/76089/",
  "serverity": "\u4f4e",
  "submitTime": "2015-08-12",
  "title": "SQLite\u672c\u5730\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

ghsa-9ggj-hfcr-7pgp

Vulnerability from github

Published

2022-05-17 03:46

Modified

2022-05-17 03:46

Details

Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-7443"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-08-12T14:59:00Z",
    "severity": "MODERATE"
  },
  "details": "Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements.",
  "id": "GHSA-9ggj-hfcr-7pgp",
  "modified": "2022-05-17T03:46:13Z",
  "published": "2022-05-17T03:46:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-7443"
    },
    {
      "type": "WEB",
      "url": "https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1448758"
    },
    {
      "type": "WEB",
      "url": "https://www.sqlite.org/src/info/520070ec7fbaac73eda0e0123596b7bb3e9a6897"
    },
    {
      "type": "WEB",
      "url": "https://www.sqlite.org/src/info/ac5852d6403c9c9628ca0aa7be135c702f000698"
    },
    {
      "type": "WEB",
      "url": "http://ubuntu.com/usn/usn-2698-1"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2015/07/14/5"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2015/07/15/4"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/76089"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

fkie_cve-2013-7443

Vulnerability from fkie_nvd

Published

2015-08-12 14:59

Modified

2025-04-12 10:46

Severity ?

Summary

Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements.

References

URL	Tags
security@ubuntu.com	http://ubuntu.com/usn/usn-2698-1
security@ubuntu.com	http://www.openwall.com/lists/oss-security/2015/07/14/5
security@ubuntu.com	http://www.openwall.com/lists/oss-security/2015/07/15/4
security@ubuntu.com	http://www.securityfocus.com/bid/76089
security@ubuntu.com	https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1448758
security@ubuntu.com	https://www.sqlite.org/src/info/520070ec7fbaac73eda0e0123596b7bb3e9a6897	Exploit, Vendor Advisory
security@ubuntu.com	https://www.sqlite.org/src/info/ac5852d6403c9c9628ca0aa7be135c702f000698	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://ubuntu.com/usn/usn-2698-1
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2015/07/14/5
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2015/07/15/4
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/76089
af854a3a-2127-422b-91ae-364da2661108	https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1448758
af854a3a-2127-422b-91ae-364da2661108	https://www.sqlite.org/src/info/520070ec7fbaac73eda0e0123596b7bb3e9a6897	Exploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.sqlite.org/src/info/ac5852d6403c9c9628ca0aa7be135c702f000698	Exploit

Impacted products

Vendor	Product	Version
canonical	ubuntu_linux	12.04
canonical	ubuntu_linux	14.04
canonical	ubuntu_linux	15.04
sqlite	sqlite	3.8.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sqlite:sqlite:3.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDFE183D-49BD-4C8F-882D-5B0438F251AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de buffer en la optimizaci\u00f3n skip-scan en SQLite 3.8.2, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de sentencias SQL manipuladas."
    }
  ],
  "id": "CVE-2013-7443",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-08-12T14:59:00.107",
  "references": [
    {
      "source": "security@ubuntu.com",
      "url": "http://ubuntu.com/usn/usn-2698-1"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://www.openwall.com/lists/oss-security/2015/07/14/5"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://www.openwall.com/lists/oss-security/2015/07/15/4"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://www.securityfocus.com/bid/76089"
    },
    {
      "source": "security@ubuntu.com",
      "url": "https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1448758"
    },
    {
      "source": "security@ubuntu.com",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://www.sqlite.org/src/info/520070ec7fbaac73eda0e0123596b7bb3e9a6897"
    },
    {
      "source": "security@ubuntu.com",
      "tags": [
        "Exploit"
      ],
      "url": "https://www.sqlite.org/src/info/ac5852d6403c9c9628ca0aa7be135c702f000698"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://ubuntu.com/usn/usn-2698-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2015/07/14/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2015/07/15/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/76089"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1448758"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://www.sqlite.org/src/info/520070ec7fbaac73eda0e0123596b7bb3e9a6897"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "https://www.sqlite.org/src/info/ac5852d6403c9c9628ca0aa7be135c702f000698"
    }
  ],
  "sourceIdentifier": "security@ubuntu.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2013-7443

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements.

Aliases

CVE-2013-7443

Aliases

CVE-2013-7443

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-7443",
    "description": "Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements.",
    "id": "GSD-2013-7443",
    "references": [
      "https://www.suse.com/security/cve/CVE-2013-7443.html",
      "https://ubuntu.com/security/CVE-2013-7443"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-7443"
      ],
      "details": "Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements.",
      "id": "GSD-2013-7443",
      "modified": "2023-12-13T01:22:18.565647Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@ubuntu.com",
        "ID": "CVE-2013-7443",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1448758",
            "refsource": "CONFIRM",
            "url": "https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1448758"
          },
          {
            "name": "https://www.sqlite.org/src/info/ac5852d6403c9c9628ca0aa7be135c702f000698",
            "refsource": "CONFIRM",
            "url": "https://www.sqlite.org/src/info/ac5852d6403c9c9628ca0aa7be135c702f000698"
          },
          {
            "name": "76089",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/76089"
          },
          {
            "name": "[oss-security] 20150715 Re: CVE Request: SQLite array overrun in the skip-scan optimization",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2015/07/15/4"
          },
          {
            "name": "[oss-security] 20150714 CVE Request: SQLite array overrun in the skip-scan optimization",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2015/07/14/5"
          },
          {
            "name": "https://www.sqlite.org/src/info/520070ec7fbaac73eda0e0123596b7bb3e9a6897",
            "refsource": "CONFIRM",
            "url": "https://www.sqlite.org/src/info/520070ec7fbaac73eda0e0123596b7bb3e9a6897"
          },
          {
            "name": "USN-2698-1",
            "refsource": "UBUNTU",
            "url": "http://ubuntu.com/usn/usn-2698-1"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:sqlite:sqlite:3.8.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@ubuntu.com",
          "ID": "CVE-2013-7443"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.sqlite.org/src/info/520070ec7fbaac73eda0e0123596b7bb3e9a6897",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Vendor Advisory"
              ],
              "url": "https://www.sqlite.org/src/info/520070ec7fbaac73eda0e0123596b7bb3e9a6897"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1448758",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1448758"
            },
            {
              "name": "https://www.sqlite.org/src/info/ac5852d6403c9c9628ca0aa7be135c702f000698",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit"
              ],
              "url": "https://www.sqlite.org/src/info/ac5852d6403c9c9628ca0aa7be135c702f000698"
            },
            {
              "name": "USN-2698-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://ubuntu.com/usn/usn-2698-1"
            },
            {
              "name": "[oss-security] 20150714 CVE Request: SQLite array overrun in the skip-scan optimization",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2015/07/14/5"
            },
            {
              "name": "[oss-security] 20150715 Re: CVE Request: SQLite array overrun in the skip-scan optimization",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2015/07/15/4"
            },
            {
              "name": "76089",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/76089"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2016-11-28T19:10Z",
      "publishedDate": "2015-08-12T14:59Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2013-7443 (GCVE-0-2013-7443)

Vulnerability from cvelistv5

CERTFR-2020-AVI-645

Vulnerability from certfr_avis

Solution

cnvd-2015-05217

Vulnerability from cnvd

ghsa-9ggj-hfcr-7pgp

Vulnerability from github

fkie_cve-2013-7443

Vulnerability from fkie_nvd

gsd-2013-7443

Vulnerability from gsd

Tags

Sightings

Nomenclature