CVE-2018-20506Integer Overflow or Wraparound in Sqlite

CWE-190Integer Overflow or Wraparound18 documents10 sources
Severity
8.1HIGHNVD
EPSS
8.5%
top 7.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
9
Ghost Sqlite3Apple Iphone OSApple MAC OS X+6 more
Timeline
PublishedApr 3
Latest updateMay 13

Description

SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). This is a different vulnerability than CVE-2018-20346.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages9 packages

NVDsqlite/sqlite< 3.25.3
Debianghost/sqlite3< 3.25.3-1+3
NVDapple/tvos< 12.1.2
NVDapple/watchos< 5.1.3
NVDapple/mac_os_x< 10.14.3

🔴Vulnerability Details

5
GHSA
GHSA-hfxx-8v8g-6rcx: SQLite before 32022-05-13
OSV
sqlite3 vulnerabilities2019-06-19
OSV
sqlite3 vulnerabilities2019-06-19
OSV
CVE-2018-20506: SQLite before 32019-04-03
CVEList
CVE-2018-20506: SQLite before 32019-04-03

📋Vendor Advisories

11
Ubuntu
SQLite vulnerabilities2019-06-19
Ubuntu
SQLite vulnerabilities2019-06-19
Microsoft
SQLite before 3.25.3 when the FTS3 extension is enabled encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS32019-04-09
Apple
CVE-2018-20506: iTunes 12.9.3 for Windows2019-01-24
Apple
CVE-2018-20506: iCloud for Windows 7.102019-01-22

💬Community

1
Bugzilla
CVE-2018-20346 CVE-2018-20505 CVE-2018-20506 sqlite: Multiple flaws in sqlite which can be triggered via corrupted internal databases (Magellan)2018-12-14
CVE-2018-20506 — Integer Overflow or Wraparound | cvebase