Vulnerability CVE-2017-15286


Published: 2017-10-12

Description:
SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where `sqlite3_step(pStmt)==SQLITE_ROW` is false and a data structure is never initialized.

 References:
https://github.com/Ha0Team/crash-of-sqlite3/blob/master/poc.md

Copyright 2017, cxsecurity.com

 

Back to Top