Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2015-3415
Description:The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context- dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement.
Test IDs: 1.3.6.1.4.1.25623.1.0.120108   1.3.6.1.4.1.25623.1.0.120107   1.3.6.1.4.1.25623.1.0.120105   1.3.6.1.4.1.25623.1.0.123027  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2015-3415
http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html
http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
BugTraq ID: 74228
http://www.securityfocus.com/bid/74228
Debian Security Information: DSA-3252 (Google Search)
http://www.debian.org/security/2015/dsa-3252
http://seclists.org/fulldisclosure/2015/Apr/31
https://security.gentoo.org/glsa/201507-05
http://www.mandriva.com/security/advisories?name=MDVSA-2015:217
RedHat Security Advisories: RHSA-2015:1635
http://rhn.redhat.com/errata/RHSA-2015-1635.html
http://www.securitytracker.com/id/1033703
http://www.ubuntu.com/usn/USN-2698-1




© 1998-2024 E-Soft Inc. All rights reserved.