SQLite 3.30.1 NULL Pointer Dereference Vulnerability

Summary

SQLite 3.30.1 suffers from null pointer dereference vulnerability

Credit:

The information has been provided by Vendor

The original article can be found at:https://github.com/sqlite/sqlite/commit/75e95e1fcd52d3ec8282edb75ac8cd0814095d54


Details

ExprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.

 

Vulnerable Systems:

SQLite 3.30.1

 

CVE Information:

CVE-2019-19880

 

Disclosure Timeline:
Published Date:12/18/2019

Categories: FeaturedNews