PT-2019-4866 · Sqlite+5 · Sqlite+5

Publicado

2019-12-22

·

Atualizado

2024-06-15

·

CVE-2019-19926

CVSS v2.0

7.8

Alta

VetorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions SQLite version 3.30.1
Description The issue is related to the multiSelect function in select.c and the sqlite3WindowRewrite() function, which can cause errors during parsing. Additionally, there is a problem with a null pointer dereference in the sqlite3WindowRewrite() function. This could potentially allow a remote attacker to cause a denial of service.
Recommendations For SQLite version 3.30.1, consider applying a patch or fix that addresses the incomplete fix for the previous issue and the null pointer dereference problem in the sqlite3WindowRewrite() function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

NULL Pointer Dereference

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-476

Identificadores relacionados

ALT-PU-2020-1088
ALT-PU-2020-1457
ALT-PU-2020-1521
ALT-PU-2020-1707
ALT-PU-2020-2094
ALT-PU-2020-2183
ALT-PU-2020-2441
ALT-PU-2020-2898
BDU:2020-01452
CVE-2019-19926
DSA-4638-1
MGASA-2020-0123
OPENSUSE-SU-2020:0189-1
OPENSUSE-SU-2020:0210-1
OPENSUSE-SU-2020:0233-1
OPENSUSE-SU-2020_0189-1
OPENSUSE-SU-2021:1058-1
OPENSUSE-SU-2021:2320-1
OPENSUSE-SU-2021_1058-1
OPENSUSE-SU-2021_2320-1
OPENSUSE-SU-2024:10681-1
OPENSUSE-SU-2024:12948-1
RHSA-2020:0514
RHSA-2020_0514
SUSE-SU-2021:2320-1
SUSE-SU-2021:3215-1
USN-4298-1
USN-4298-2

Produtos afetados

Alt Linux
Google Chrome
Red Hat
Sqlite
Suse
Ubuntu