CVE-2018-20506
HIGHSQLite < 3.25.3 - Remote Code Execution via FTS3 Query Integer Overflow
Title source: llmDescription
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). This is a different vulnerability than CVE-2018-20346.
References (27)
Core 27
Core References
Vendor Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10365
Vendor Advisory x_refsource_misc
https://sqlite.org/src/info/940f2adc8541a838
Mailing List, Third Party Advisory x_refsource_misc
http://seclists.org/fulldisclosure/2019/Jan/62
Mailing List, Third Party Advisory x_refsource_misc
http://seclists.org/fulldisclosure/2019/Jan/64
Mailing List, Third Party Advisory x_refsource_misc
http://seclists.org/fulldisclosure/2019/Jan/66
Mailing List, Third Party Advisory x_refsource_misc
http://seclists.org/fulldisclosure/2019/Jan/67
Mailing List, Third Party Advisory x_refsource_misc
http://seclists.org/fulldisclosure/2019/Jan/68
Mailing List, Third Party Advisory x_refsource_misc
http://seclists.org/fulldisclosure/2019/Jan/69
Third Party Advisory, VDB Entry x_refsource_misc
http://www.securityfocus.com/bid/106698
Mailing List, Third Party Advisory x_refsource_misc
https://seclists.org/bugtraq/2019/Jan/28
Mailing List, Third Party Advisory x_refsource_misc
https://seclists.org/bugtraq/2019/Jan/29
Mailing List, Third Party Advisory x_refsource_misc
https://seclists.org/bugtraq/2019/Jan/31
Mailing List, Third Party Advisory x_refsource_misc
https://seclists.org/bugtraq/2019/Jan/32
Mailing List, Third Party Advisory x_refsource_misc
https://seclists.org/bugtraq/2019/Jan/33
Mailing List, Third Party Advisory x_refsource_misc
https://seclists.org/bugtraq/2019/Jan/39
Third Party Advisory x_refsource_misc
https://support.apple.com/kb/HT209443
Third Party Advisory x_refsource_misc
https://support.apple.com/kb/HT209446
Third Party Advisory x_refsource_misc
https://support.apple.com/kb/HT209447
Third Party Advisory x_refsource_misc
https://support.apple.com/kb/HT209448
Third Party Advisory x_refsource_misc
https://support.apple.com/kb/HT209450
Third Party Advisory x_refsource_misc
https://support.apple.com/kb/HT209451
Mailing List, Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20190502-0004/
Vendor Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/4019-1/
Vendor Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/4019-2/
Vendor Advisory x_refsource_misc
https://www.oracle.com/security-alerts/cpuapr2020.html
Mailing List mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html
Scores
CVSS v3
8.1
EPSS
0.0789
EPSS Percentile
92.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-190
Status
published
Products (8)
apple/icloud
< 7.10
apple/iphone_os
< 12.1.3
apple/itunes
< 12.9.3
apple/mac_os_x
< 10.14.3
apple/tvos
< 12.1.2
apple/watchos
< 5.1.3
opensuse/leap
42.3
sqlite/sqlite
< 3.25.3
Published
Apr 03, 2019
Tracked Since
Feb 18, 2026