CVE - CVE - 2018 - 20346

CVE-ID
cve - 2018 - 20346	了解更多国家漏洞数据库(NVD) •CVSS严重性评级•修复信息•••CPE SCAP映射脆弱的软件版本信息
描述
SQLite 3.25.3之前,当启用FTS3扩展时,遇到一个整数溢出(和合成缓冲区溢出)FTS3查询精心修改后发生FTS3影子表,允许远程攻击者利用的能力执行任意代码运行任意SQL语句(如某些WebSQL用例),即麦哲伦。
引用
注意:引用为方便读者提供帮助区分漏洞。并不是完整列表。
报价:106323 URL: http://www.securityfocus.com/bid/106323 确认:https://kc.mcafee.com/corporate/index?page=content&id=SB10365 确认:https://support.apple.com/HT209443 确认:https://support.apple.com/HT209446 确认:https://support.apple.com/HT209447 确认:https://support.apple.com/HT209448 确认:https://support.apple.com/HT209450 确认:https://support.apple.com/HT209451 确认:https://www.synology.com/security/advisory/Synology_SA_18_61 FEDORA: FEDORA - 2019 - 49 - f80a78bc URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PU4NZ6DDU4BEM3ACM3FM6GLEPX56ZQXK/ FREEBSD: FreeBSD-EN-19:03 URL: https://www.freebsd.org/security/advisories/FreeBSD-EN-19:03.sqlite.asc GENTOO: glsa - 201904 - 21所示 URL: https://security.gentoo.org/glsa/201904-21 MISC: https://access.redhat.com/articles/3758321 MISC: https://blade.tencent.com/magellan/index_en.html MISC: https://bugzilla.redhat.com/show_bug.cgi?id=1659379 MISC: https://bugzilla.redhat.com/show_bug.cgi?id=1659677 MISC: https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html MISC: https://chromium.googlesource.com/chromium/src/ + / c368e30ae55600a1c3c9cb1710a54f9c55de786e MISC: https://crbug.com/900910 MISC: https://github.com/zhuowei/worthdoingbadly.com/blob/master/_posts/2018-12-14-sqlitebug.html MISC: https:/万博下载包/news.ycombinator.com/item?id=18685296 MISC: https://sqlite.org/src/info/940f2adc8541a838 MISC: https://sqlite.org/src/info/d44318f59044162e MISC: https://worthdoingbadly.com/sqlitebug/ MISC: https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg113218.html MISC: https://www.oracle.com/security-alerts/cpuapr2020.html MISC: https://www.sqlite.org/releaselog/3_25_3.html MLIST: [debian-lts-announce] 20181222[安全][国防后勤局1613 - 1]sqlite3安全更新 URL: https://lists.debian.org/debian-lts-announce/2018/12/msg00012.html MLIST: [debian-lts-announce] 20200822[安全][国防后勤局2340 - 1]sqlite3安全更新 URL: https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html SUSE: openSUSE-SU-2019:1159 URL: http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00040.html SUSE: openSUSE-SU-2019:1222 URL: http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html UBUNTU: usn - 4019 - 1 URL: https://usn.ubuntu.com/4019-1/ UBUNTU: usn - 4019 - 2 URL: https://usn.ubuntu.com/4019-2/
分配中央社
主教法冠公司
创建日期记录
20181221	免责声明:记录创建日期可能反映了CVE ID分配或保留的时候,,不一定表示当发现了这个漏洞,与受影响的供应商,在CVE公开披露,或更新。
阶段(遗留)
分配(20181221)
票(遗留)

评论(遗留)

提出(遗留)
N /一个
这是一个记录CVE列表,它提供了共同的标识符公开已知的网络安全漏洞。
CVE使用关键字搜索: 你也可以搜索参考使用CVE参考地图。
更多信息:CVE请求Web表单(从下拉框中选择“其他”)

回到顶部

cve - 2018 - 20346