Integer Overflow vulnerability in SQLite SQLite3 v.3.50.0 allows a remote attacker to cause a denial of service via the setupLookaside function

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 2cd61f76-b41b-11f0-bf21-b42e991fc52e advisory.

    http://sqlite3.com reports:
    Integer Overflow vulnerability in SQLite SQLite3 v.3.50.0               allows a remote attacker to cause a denial of service via               the setupLookaside function

Tenable has extracted the preceding description block directly from the FreeBSD security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - Integer Overflow vulnerability in SQLite SQLite3 v.3.50.0 allows a remote attacker to cause a denial of     service via the setupLookaside function (CVE-2025-52099)

Note that Nessus relies on the presence of the package as reported by the vendor.

An update of the sqlite package has been released.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-976 advisory.

    An issue in sqlite v.3.49.0 allows an attacker to cause a denial of service via the     SQLITE_DBCONFIG_LOOKASIDE component (CVE-2025-29088)

    A process isolation vulnerability in Firefox stemmed from improper handling of javascript: URIs, which     could allow content to execute in the top-level document's process instead of the intended frame,     potentially enabling a sandbox escape. This vulnerability affects Firefox < 138, Firefox ESR < 128.10,     Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird ESR < 128.10. (CVE-2025-4083)

    A vulnerability was identified in Thunderbird where XPath parsing could trigger undefined behavior due to     missing null checks during attribute access. This could lead to out-of-bounds read access and potentially,     memory corruption. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Thunderbird < 138, and     Thunderbird < 128.10. (CVE-2025-4087)

    Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. Some     of these bugs showed evidence of memory corruption and we presume that with enough effort some of these     could have been exploited to run arbitrary code. This vulnerability affects Firefox < 138, Firefox ESR <     128.10, Thunderbird < 138, and Thunderbird < 128.10. (CVE-2025-4091)

    Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. This bug showed evidence of memory     corruption and we presume that with enough effort this could have been exploited to run arbitrary code.
    This vulnerability affects Firefox ESR < 128.10 and Thunderbird < 128.10. (CVE-2025-4093)

    Integer Overflow vulnerability in SQLite SQLite3 v.3.50.0 allows a remote attacker to cause a denial of     service via the setupLookaside function (CVE-2025-52099)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of firefox installed on the remote host is prior to 128.10.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2025-038 advisory.

    An issue in sqlite v.3.49.0 allows an attacker to cause a denial of service via the     SQLITE_DBCONFIG_LOOKASIDE component (CVE-2025-29088)

    A process isolation vulnerability in Firefox stemmed from improper handling of javascript: URIs, which     could allow content to execute in the top-level document's process instead of the intended frame,     potentially enabling a sandbox escape. This vulnerability affects Firefox < 138, Firefox ESR < 128.10,     Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird ESR < 128.10. (CVE-2025-4083)

    A vulnerability was identified in Thunderbird where XPath parsing could trigger undefined behavior due to     missing null checks during attribute access. This could lead to out-of-bounds read access and potentially,     memory corruption. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Thunderbird < 138, and     Thunderbird < 128.10. (CVE-2025-4087)

    Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. Some     of these bugs showed evidence of memory corruption and we presume that with enough effort some of these     could have been exploited to run arbitrary code. This vulnerability affects Firefox < 138, Firefox ESR <     128.10, Thunderbird < 138, and Thunderbird < 128.10. (CVE-2025-4091)

    Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. This bug showed evidence of memory     corruption and we presume that with enough effort this could have been exploited to run arbitrary code.
    This vulnerability affects Firefox ESR < 128.10 and Thunderbird < 128.10. (CVE-2025-4093)

    Integer Overflow vulnerability in SQLite SQLite3 v.3.50.0 allows a remote attacker to cause a denial of     service via the setupLookaside function (CVE-2025-52099)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of thunderbird installed on the remote host is prior to 128.10.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2858 advisory.

    Through a series of popup and <code>window.print()</code> calls, an attacker can cause a window to go     fullscreen without the user seeing the notification prompt, resulting in potential user confusion or     spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
    (CVE-2022-45404)

    By crafting a malformed file name for an attachment in a multipart message, an attacker can trick     Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new     message. This vulnerability could allow attackers to disclose sensitive information from the victim's     system. This vulnerability is not limited to Linux; similar behavior has been observed on Windows as well.
    This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2. (CVE-2025-2830)

    An issue in sqlite v.3.49.0 allows an attacker to cause a denial of service via the     SQLITE_DBCONFIG_LOOKASIDE component (CVE-2025-29088)

    Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be     hosted externally. When an email is opened, Thunderbird accesses the specified URL to  determine file     size, and navigates to it when the user clicks the attachment. Because the URL is not validated or     sanitized, it can reference internal resources like chrome:// or SMB share file:// links, potentially     leading to hashed Windows credential leakage and opening the door to more serious security issues. This     vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2. (CVE-2025-3522)

    When an email contains multiple attachments with external links via the X-Mozilla-External-Attachment-URL     header, only the last link is shown when hovering over any attachment. Although the correct link is used     on click, the misleading hover text could trick users into downloading content from untrusted sources.
    This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2. (CVE-2025-3523)

    A process isolation vulnerability in Firefox stemmed from improper handling of javascript: URIs, which     could allow content to execute in the top-level document's process instead of the intended frame,     potentially enabling a sandbox escape. This vulnerability affects Firefox < 138, Firefox ESR < 128.10,     Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird ESR < 128.10. (CVE-2025-4083)

    A vulnerability was identified in Thunderbird where XPath parsing could trigger undefined behavior due to     missing null checks during attribute access. This could lead to out-of-bounds read access and potentially,     memory corruption. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Thunderbird < 138, and     Thunderbird < 128.10. (CVE-2025-4087)

    Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. Some     of these bugs showed evidence of memory corruption and we presume that with enough effort some of these     could have been exploited to run arbitrary code. This vulnerability affects Firefox < 138, Firefox ESR <     128.10, Thunderbird < 138, and Thunderbird < 128.10. (CVE-2025-4091)

    Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. This bug showed evidence of memory     corruption and we presume that with enough effort this could have been exploited to run arbitrary code.
    This vulnerability affects Firefox ESR < 128.10 and Thunderbird < 128.10. (CVE-2025-4093)

    Integer Overflow vulnerability in SQLite SQLite3 v.3.50.0 allows a remote attacker to cause a denial of     service via the setupLookaside function (CVE-2025-52099)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-966 advisory.

    An issue in sqlite v.3.49.0 allows an attacker to cause a denial of service via the     SQLITE_DBCONFIG_LOOKASIDE component (CVE-2025-29088)

    Integer Overflow vulnerability in SQLite SQLite3 v.3.50.0 allows a remote attacker to cause a denial of     service via the setupLookaside function (CVE-2025-52099)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
271946	FreeBSD : SQLite -- Integer Overflow vulnerability (2cd61f76-b41b-11f0-bf21-b42e991fc52e)	Nessus	FreeBSD Local Security Checks	high
271709	Linux Distros Unpatched Vulnerability : CVE-2025-52099	Nessus	Misc.	high
238423	Photon OS 4.0: Sqlite PHSA-2025-4.0-0790	Nessus	PhotonOS Local Security Checks	medium
237666	Amazon Linux 2023 : firefox (ALAS2023-2025-976)	Nessus	Amazon Linux Local Security Checks	medium
237509	Amazon Linux 2 : firefox, --advisory ALAS2FIREFOX-2025-038 (ALASFIREFOX-2025-038)	Nessus	Amazon Linux Local Security Checks	medium
237481	Amazon Linux 2 : thunderbird, --advisory ALAS2-2025-2858 (ALAS-2025-2858)	Nessus	Amazon Linux Local Security Checks	medium
235910	Amazon Linux 2023 : nodejs22, nodejs22-devel, nodejs22-full-i18n (ALAS2023-2025-966)	Nessus	Amazon Linux Local Security Checks	medium
234751	Photon OS 5.0: Sqlite PHSA-2025-5.0-0508	Nessus	PhotonOS Local Security Checks	medium

Detections

Analytics

CVE-2025-52099

high

Tenable Plugins

high

high

medium

medium

medium

medium

medium

medium