CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-15286

SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where `sqlite3_step(pStmt)==SQLITE_ROW` is false and a data structure is never initialized.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.3%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

http://www.securityfocus.com/bid/101285
https://github.com/Ha0Team/crash-of-sqlite3/blob/master/poc.md
http://www.securityfocus.com/bid/101285
https://github.com/Ha0Team/crash-of-sqlite3/blob/master/poc.md

Products affected by CVE-2017-15286

Sqlite » Sqlite » Version: 3.20.1

cpe:2.3:a:sqlite:sqlite:3.20.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-15286

Products

Pricing

Contact Us