CVE-2015-3416 in iTunesinformación

Resumen (Inglés)

The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservar

2015-04-24

Divulgación

2015-04-24

Estado

Confirmado

Voces

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerabilidad	CWE	Exp	Con	CVE
99028	Apple iTunes SQLite desbordamiento de búfer	119	No está definido	Arreglo oficial	CVE-2015-3416
78124	Apple Watch SQLite desbordamiento de búfer	119	No está definido	Arreglo oficial	CVE-2015-3416
75132	SQLite printf.c sqlite3VXPrintf desbordamiento de búfer	119	No está definido	Arreglo oficial	CVE-2015-3416

Descripción

CPE

CWE

CVSS

Hazañas

Historia

Diferencia

Relacionar

Inteligencia de amenazas

API JSON

API XML

API CSV

Fuentes

◂ AnteriorVisión De ConjuntoPróximo ▸

Interested in the pricing of exploits?

See the underground prices here!