CVE-2015-3416 — Integer Overflow or Wraparound in Sqlite

CWE-190 — Integer Overflow or Wraparound CWE-121 — Stack-based Buffer Overflow CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer13 documents9 sources

Severity

7.5HIGHNVD

EPSS

7.5%

top 8.17%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Ghost Sqlite3 PHP Apple MAC OS X +4 more

Timeline

PublishedApr 24

Latest updateMay 14

Description

The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages5 packages

▶Debianghost/sqlite3< 3.8.9-1+3

▶NVDsqlite/sqlite3.8.8.3

▶NVDphp/php5.4.0 — 5.4.42+2

▶NVDapple/watchos1.0.1

▶NVDapple/mac_os_x10.6.8

Also affects: Debian Linux 8.0, Ubuntu Linux 12.04, 14.04, 15.04

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-33jw-h57w-fr79: The sqlite3VXPrintf function in printf↗2022-05-14

▶

CVEList

CVE-2015-3416: The sqlite3VXPrintf function in printf↗2015-04-24

▶

OSV

CVE-2015-3416: The sqlite3VXPrintf function in printf↗2015-04-24

▶

📋Vendor Advisories

Apple

CVE-2015-3416: iTunes 12.6 for Windows↗2017-03-21

▶

Apple

CVE-2015-3416: iTunes 12.6↗2017-03-21

▶

Ubuntu

SQLite vulnerabilities↗2015-07-30

▶

Red Hat

sqlite: stack buffer overflow in src/printf.c↗2015-03-31

▶

Debian

CVE-2015-3416: sqlite3 - The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properl...↗2015

▶

💬Community

Bugzilla

CVE-2015-3416 sqlite: stack buffer overflow in src/printf.c↗2015-04-16

▶