| Title | SQLite SQLite3 3.8.7.2 to 3.43.0 buffer overflow |
|---|
| Description | A heap-buffer-overflow can be triggered by "make alltest" on SQLite from 3.8.7 to 3.43.0, because sqlite3session.c doesn't validate the length of the sessionInput. it allows an attacker to read out-of-bounds 8-bytes, and leak that value to the output record.
|
|---|
| Source | ⚠️ https://sqlite.org/forum/forumpost/5bcbf4571c |
|---|
| User | qbit (UID 60633) |
|---|
| Submission | 12/25/2023 13:05 (2 years ago) |
|---|
| Moderation | 12/25/2023 15:01 (2 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 248999 [SQLite SQLite3 up to 3.43.0 make alltest sqlite3session.c sessionReadRecord heap-based overflow] |
|---|
| Points | 17 |
|---|