CVE-2018-20506

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). This is a different vulnerability than CVE-2018-20346.

References

https://support.apple.com/kb/HT209451

https://support.apple.com/kb/HT209450

https://support.apple.com/kb/HT209448

https://support.apple.com/kb/HT209447

https://support.apple.com/kb/HT209446

https://support.apple.com/kb/HT209443

https://sqlite.org/src/info/940f2adc8541a838

https://seclists.org/bugtraq/2019/Jan/39

https://seclists.org/bugtraq/2019/Jan/33

https://seclists.org/bugtraq/2019/Jan/32

https://seclists.org/bugtraq/2019/Jan/31

https://seclists.org/bugtraq/2019/Jan/29

https://seclists.org/bugtraq/2019/Jan/28

http://www.securityfocus.com/bid/106698

http://seclists.org/fulldisclosure/2019/Jan/69

http://seclists.org/fulldisclosure/2019/Jan/68

http://seclists.org/fulldisclosure/2019/Jan/67

http://seclists.org/fulldisclosure/2019/Jan/66

http://seclists.org/fulldisclosure/2019/Jan/64

http://seclists.org/fulldisclosure/2019/Jan/62

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html

https://security.netapp.com/advisory/ntap-20190502-0004/

https://usn.ubuntu.com/4019-1/

https://usn.ubuntu.com/4019-2/

https://www.oracle.com/security-alerts/cpuapr2020.html

https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html

https://kc.mcafee.com/corporate/index?page=content&id=SB10365

Details

Source: MITRE

Published: 2019-04-03

Updated: 2021-07-31

Type: CWE-190

Risk Information

CVSS v2

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 8.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 2.2

Severity: HIGH

Tenable Plugins

View all (9 total)

IDNameProductFamilySeverity
126065Ubuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : SQLite vulnerabilities (USN-4019-1)NessusUbuntu Local Security Checks
critical
124150SUSE SLES12 Security Update : sqlite3 (SUSE-SU-2019:0973-1)NessusSuSE Local Security Checks
high
124143openSUSE Security Update : sqlite3 (openSUSE-2019-1222)NessusSuSE Local Security Checks
high
700556Apple iOS < 12.1.3 Multiple Vulnerabilities (APPLE-SA-2019-1-22-1)Nessus Network MonitorMobile Devices
medium
700521macOS 10.14.x < 10.14.3 Multiple VulnerabilitiesNessus Network MonitorOperating System Detection
critical
123967SUSE SLED12 / SLES12 Security Update : sqlite3 (SUSE-SU-2019:0913-1)NessusSuSE Local Security Checks
high
121473Apple iTunes < 12.9.3 Multiple Vulnerabilities (credentialed check)NessusWindows
critical
121393macOS 10.14.x < 10.14.3 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
high
121331Apple iOS < 12.1.3 Multiple VulnerabilitiesNessusMobile Devices
high