CVE-2015-6607 — Sqlite vulnerability

CWE-2645 documents4 sources

Severity

6.8MEDIUMNVD

EPSS

0.4%

top 39.57%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Sqlite Apple Itunes Apple Itunes 12.6 FOR Windows +1 more

Timeline

PublishedOct 6

Latest updateMay 17

Description

SQLite before 3.8.9, as used in Android before 5.1.1 LMY48T, allows attackers to gain privileges via a crafted application, aka internal bug 20099586.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages4 packages

▶NVDsqlite/sqlite3.8.8.3

▶googlegoogle/android

▶Appleapple/itunes12.6

▶Appleapple/itunes_12.6_for_windows

🔴Vulnerability Details

GHSA

GHSA-wf9w-9wmc-7fpv: SQLite before 3↗2022-05-17

▶

📋Vendor Advisories

Apple

CVE-2015-6607: iTunes 12.6 for Windows↗2017-03-21

▶

Apple

CVE-2015-6607: iTunes 12.6↗2017-03-21

▶

Android

CVE-2015-6607: Android Security Bulletin 2015-10-01 CVE: CVE-2015-6607 Severity: MEDIUM Affected AOSP versions: 5↗2015-10-01

▶