Vulnerabilities > CVE-2015-3416 - Integer Overflow or Wraparound vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
canonical
sqlite
debian
apple
php
CWE-190
nessus

Summary

The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.

Vulnerable Configurations

Part Description Count
OS
Canonical
3
OS
Debian
1
OS
Apple
69
Application
Sqlite
244
Application
Php
245

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Forced Integer Overflow
    This attack forces an integer variable to go out of range. Such a variable is often used as an offset or as a size, for example the size of a memory allocation. The attacker typically controls the value of the variable and tries to push it out of range. For instance, if the integer is incremented past its maximum possible value, it may wrap around to a very small or negative number, producing an incorrect value that can lead to unexpected behavior. At worst, the attacker can execute arbitrary code.

Nessus

  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2015-0115.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - Add patch for compiler warnings highlighted by rpmdiff. Related: rhbz#1244727 - fix for (CVE-2015-3416) Resolves: #1244727
    last seen2020-06-01
    modified2020-06-02
    plugin id85527
    published2015-08-19
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/85527
    titleOracleVM 3.3 : sqlite (OVMSA-2015-0115)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The package checks in this plugin were extracted from OracleVM
    # Security Advisory OVMSA-2015-0115.
    #
    
    include("compat.inc");
    
    # Registration pass: when `description` is set, the script only records the
    # metadata below and leaves through the exit(0) that closes this block, so
    # none of the knowledge-base reads further down are reached.
    if (description)
    {
      script_id(85527);
      script_version("2.6");
      script_cvs_date("Date: 2019/09/27 13:00:34");
    
      # Identifiers this plugin is indexed under: one CVE and one Bugtraq ID.
      script_cve_id("CVE-2015-3416");
      script_bugtraq_id(74228);
    
      script_name(english:"OracleVM 3.3 : sqlite (OVMSA-2015-0115)");
      # Per its own summary this is a patch-level check: it looks at RPM output
      # for the updated package.
      script_summary(english:"Checks the RPM output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote OracleVM host is missing a security update."
      );
      # The description lists two change entries; the second one names the
      # CVE-2015-3416 fix.
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote OracleVM system is missing necessary patches to address
    critical security updates :
    
      - Add patch for compiler warnings highlighted by rpmdiff.
        Related: rhbz#1244727
    
      - fix for (CVE-2015-3416) Resolves: #1244727"
      );
      # https://oss.oracle.com/pipermail/oraclevm-errata/2015-August/000363.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?cceb7b53"
      );
      # Remediation is a package update; no configuration workaround is given.
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected sqlite package."
      );
      # CVSS v2 base vector: network access vector, low complexity, no
      # authentication, partial confidentiality / integrity / availability impact.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      # Temporal vector: exploitability unproven (E:U), official fix available
      # (RL:OF), report confirmed (RC:C).
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      # Declared as a local check; the two cpe attributes name the sqlite package
      # and the OracleVM Server 3.3 platform.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:sqlite");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:vm_server:3.3");
    
      # Timeline recorded by the plugin: vulnerability published 2015/04/24,
      # patch 2015/08/18, plugin 2015/08/19.
      script_set_attribute(attribute:"vuln_publication_date", value:"2015/04/24");
      script_set_attribute(attribute:"patch_publication_date", value:"2015/08/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/08/19");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"OracleVM Local Security Checks");
    
      # Depends on ssh_get_info.nasl and requires three KB items.
      # NOTE(review): those keys are presumably populated by that dependency
      # during a credentialed scan; an uncredentialed scan would then give no
      # verdict for this host rather than a "not affected" one. Confirm.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/OracleVM/release", "Host/OracleVM/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    # Host gating. Each guard hands its reason to audit(); they are kept in the
    # original order because the first failing guard decides what is reported.
    if (!get_kb_item("Host/local_checks_enabled"))
    {
      audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    }
    
    release = get_kb_item("Host/OracleVM/release");
    if (isnull(release) || "OVS" >!< release)
    {
      audit(AUDIT_OS_NOT, "OracleVM");
    }
    # The release string must start with OVS3.3, optionally followed by a
    # point-release digit.
    if (! preg(pattern:"^OVS" + "3\.3" + "(\.[0-9]|$)", string:release))
    {
      audit(AUDIT_OS_NOT, "OracleVM 3.3", "OracleVM " + release);
    }
    if (!get_kb_item("Host/OracleVM/rpm-list"))
    {
      audit(AUDIT_PACKAGE_LIST_MISSING);
    }
    
    # Architecture gating: the second test audits out every CPU string that
    # does not contain x86_64, including the i386-i686 values the first test
    # lets through.
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu))
    {
      audit(AUDIT_UNKNOWN_ARCH);
    }
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$")
    {
      audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "OracleVM", cpu);
    }
    if ("x86_64" >!< cpu)
    {
      audit(AUDIT_ARCH_NOT, "x86_64", cpu);
    }
    
    # Patch-level test against the reference build named below; the SQLite
    # flaw itself is never exercised.
    # NOTE(review): rpm_check() presumably reports an installed package older
    # than the reference; confirm in rpm.inc.
    outdated = 0;
    if (rpm_check(release:"OVS3.3", reference:"sqlite-3.6.20-1.el6_7.2"))
    {
      outdated = outdated + 1;
    }
    
    if (!outdated)
    {
      # Nothing flagged: distinguish "package present and not affected" from
      # "package not installed".
      checked = pkg_tests_get();
      if (checked)
      {
        audit(AUDIT_PACKAGE_NOT_AFFECTED, checked);
      }
      else
      {
        audit(AUDIT_PACKAGE_NOT_INSTALLED, "sqlite");
      }
    }
    else
    {
      # Package detail is attached to the finding only at verbosity above 0.
      if (report_verbosity > 0)
      {
        security_hole(port:0, extra:rpm_report_get());
      }
      else
      {
        security_hole(0);
      }
      exit(0);
    }
    
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2015-591.NASL
    descriptionA flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414) It was found that SQLite
    last seen2020-06-01
    modified2020-06-02
    plugin id85749
    published2015-09-03
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/85749
    titleAmazon Linux AMI : sqlite (ALAS-2015-591)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Amazon Linux AMI Security Advisory ALAS-2015-591.
    #
    
    include("compat.inc");
    
    # Registration pass: when `description` is set, the script only records the
    # metadata below and leaves through the exit(0) that closes this block, so
    # none of the knowledge-base reads further down are reached.
    if (description)
    {
      script_id(85749);
      script_version("2.4");
      script_cvs_date("Date: 2018/04/18 15:09:35");
    
      # One advisory (ALAS-2015-591) covers three SQLite CVEs; CVE-2015-3416 is
      # the sqlite3VXPrintf() precision/width issue.
      script_cve_id("CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416");
      script_xref(name:"ALAS", value:"2015-591");
    
      script_name(english:"Amazon Linux AMI : sqlite (ALAS-2015-591)");
      # Per its own summary this is a patch-level check on rpm output.
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Amazon Linux AMI host is missing a security update."
      );
      # NOTE(review): the advisory text below speaks of a local attacker, while
      # the base vector further down is AV:N. Real exposure presumably depends
      # on whether untrusted parties can get SQL statements to the SQLite
      # process; assess per application.
      script_set_attribute(
        attribute:"description", 
        value:
    "A flaw was found in the way SQLite handled dequoting of
    collation-sequence names. A local attacker could submit a specially
    crafted COLLATE statement that would crash the SQLite process, or have
    other unspecified impacts. (CVE-2015-3414)
    
    It was found that SQLite's sqlite3VdbeExec() function did not properly
    implement comparison operators. A local attacker could submit a
    specially crafted CHECK statement that would crash the SQLite process,
    or have other unspecified impacts. (CVE-2015-3415)
    
    It was found that SQLite's sqlite3VXPrintf() function did not properly
    handle precision and width values during floating-point conversions. A
    local attacker could submit a specially crafted SELECT statement that
    would crash the SQLite process, or have other unspecified impacts.
    (CVE-2015-3416)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://alas.aws.amazon.com/ALAS-2015-591.html"
      );
      # Remediation is a package update through yum.
      script_set_attribute(
        attribute:"solution", 
        value:"Run 'yum update sqlite' to update your system."
      );
      # CVSS v2 base vector: network access vector, low complexity, no
      # authentication, partial confidentiality / integrity / availability
      # impact. This plugin sets no temporal vector.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
    
      # Declared as a local check; the cpe attributes name six packages
      # (lemon plus five sqlite packages) and the Amazon Linux platform.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:lemon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:sqlite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:sqlite-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:sqlite-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:sqlite-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:sqlite-tcl");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");
    
      # Patch published 2015/09/02, plugin one day later.
      script_set_attribute(attribute:"patch_publication_date", value:"2015/09/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/09/03");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.");
      script_family(english:"Amazon Linux Local Security Checks");
    
      # Depends on ssh_get_info.nasl and requires three KB items.
      # NOTE(review): those keys are presumably populated by that dependency
      # during a credentialed scan; an uncredentialed scan would then give no
      # verdict for this host rather than a "not affected" one. Confirm.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
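    # Host gating. Each guard hands its reason to audit(); the first failing
    # guard decides what is reported, so the order is significant.
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/AmazonLinux/release");
    if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
    # The release string must start with "AL" followed by "A" or a digit; the
    # captured character is kept in os_ver.
    os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
    os_ver = os_ver[1];
    # Only the "A" (Amazon Linux AMI) release is covered. Inside this branch
    # os_ver can never equal "A", so it is reported as captured and no
    # relabelling to 'AMI' is needed.
    if (os_ver != "A")
    {
      audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
    }
    
    if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    # Patch-level test: each package is checked against the reference build
    # named below; the SQLite flaws themselves are never exercised.
    # NOTE(review): rpm_check() presumably reports an installed package older
    # than the reference; confirm in rpm.inc.
    flag = 0;
    if (rpm_check(release:"ALA", reference:"lemon-3.7.17-6.13.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"sqlite-3.7.17-6.13.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"sqlite-debuginfo-3.7.17-6.13.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"sqlite-devel-3.7.17-6.13.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"sqlite-doc-3.7.17-6.13.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"sqlite-tcl-3.7.17-6.13.amzn1")) flag++;
    
    if (flag)
    {
      # Package detail is attached to the finding only at verbosity above 0.
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      # Nothing flagged: distinguish "packages present and not affected" from
      # "none of the packages installed".
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "lemon / sqlite / sqlite-debuginfo / sqlite-devel / sqlite-doc / etc");
    }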
    
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2015-1635.NASL
    descriptionAn updated sqlite package that fixes three security issues is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. SQLite is a C library that implements a SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of a SQL database without the administrative hassles of supporting a separate database server. A flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414) It was found that SQLite
    last seen2020-06-01
    modified2020-06-02
    plugin id85463
    published2015-08-18
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/85463
    titleCentOS 7 : sqlite (CESA-2015:1635)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2015:1635 and 
    # CentOS Errata and Security Advisory 2015:1635 respectively.
    #
    
    include("compat.inc");
    
    # Registration pass: when `description` is set, the script only records the
    # metadata below and leaves through the exit(0) that closes this block, so
    # none of the knowledge-base reads further down are reached.
    if (description)
    {
      script_id(85463);
      script_version("2.9");
      script_cvs_date("Date: 2020/01/02");
    
      # One advisory (RHSA-2015:1635) covers three SQLite CVEs; CVE-2015-3416 is
      # the sqlite3VXPrintf() precision/width issue.
      script_cve_id("CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416");
      script_xref(name:"RHSA", value:"2015:1635");
    
      script_name(english:"CentOS 7 : sqlite (CESA-2015:1635)");
      # Per its own summary this is a patch-level check on rpm output.
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote CentOS host is missing one or more security updates."
      );
      # NOTE(review): the advisory text below rates the update Moderate and
      # speaks of a local attacker, while the base vector further down is AV:N.
      # Real exposure presumably depends on whether untrusted parties can get
      # SQL statements to the SQLite process; assess per application.
      script_set_attribute(
        attribute:"description", 
        value:
    "An updated sqlite package that fixes three security issues is now
    available for Red Hat Enterprise Linux 7.
    
    Red Hat Product Security has rated this update as having Moderate
    security impact. Common Vulnerability Scoring System (CVSS) base
    scores, which give detailed severity ratings, are available for each
    vulnerability from the CVE links in the References section.
    
    SQLite is a C library that implements a SQL database engine. A large
    subset of SQL92 is supported. A complete database is stored in a
    single disk file. The API is designed for convenience and ease of use.
    Applications that link against SQLite can enjoy the power and
    flexibility of a SQL database without the administrative hassles of
    supporting a separate database server.
    
    A flaw was found in the way SQLite handled dequoting of
    collation-sequence names. A local attacker could submit a specially
    crafted COLLATE statement that would crash the SQLite process, or have
    other unspecified impacts. (CVE-2015-3414)
    
    It was found that SQLite's sqlite3VdbeExec() function did not properly
    implement comparison operators. A local attacker could submit a
    specially crafted CHECK statement that would crash the SQLite process,
    or have other unspecified impacts. (CVE-2015-3415)
    
    It was found that SQLite's sqlite3VXPrintf() function did not properly
    handle precision and width values during floating-point conversions. A
    local attacker could submit a specially crafted SELECT statement that
    would crash the SQLite process, or have other unspecified impacts.
    (CVE-2015-3416)
    
    All sqlite users are advised to upgrade to this updated package, which
    contains backported patches to correct these issues."
      );
      # https://lists.centos.org/pipermail/centos-announce/2015-August/021337.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?df1770c2"
      );
      # Remediation is a package update; the description above says the fix is
      # delivered as backported patches.
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected sqlite packages."
      );
      # CVSS v2 base vector: network access vector, low complexity, no
      # authentication, partial confidentiality / integrity / availability impact.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      # Temporal vector: exploitability unproven (E:U), official fix available
      # (RL:OF), report confirmed (RC:C).
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      # The score is attributed to CVE-2015-3414, not to CVE-2015-3416, so read
      # the vector above as the advisory's score rather than a per-CVE rating.
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-3414");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      # Declared as a local check; the cpe attributes name five packages
      # (lemon plus four sqlite packages) and the CentOS 7 platform.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:lemon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:sqlite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:sqlite-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:sqlite-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:sqlite-tcl");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:7");
    
      # Timeline recorded by the plugin: vulnerability published 2015/04/24,
      # patch 2015/08/17, plugin 2015/08/18.
      script_set_attribute(attribute:"vuln_publication_date", value:"2015/04/24");
      script_set_attribute(attribute:"patch_publication_date", value:"2015/08/17");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/08/18");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"CentOS Local Security Checks");
    
      # Depends on ssh_get_info.nasl and requires three KB items.
      # NOTE(review): those keys are presumably populated by that dependency
      # during a credentialed scan; an uncredentialed scan would then give no
      # verdict for this host rather than a "not affected" one. Confirm.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    # Host gating. Each guard hands its reason to audit(); they are kept in the
    # original order because the first failing guard decides what is reported.
    if (!get_kb_item("Host/local_checks_enabled"))
    {
      audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    }
    
    release = get_kb_item("Host/CentOS/release");
    if (isnull(release) || "CentOS" >!< release)
    {
      audit(AUDIT_OS_NOT, "CentOS");
    }
    
    # Pull the major version out of the release banner; only 7 is accepted.
    rel_match = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
    if (isnull(rel_match))
    {
      audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
    }
    os_ver = rel_match[1];
    if (! preg(pattern:"^7([^0-9]|$)", string:os_ver))
    {
      audit(AUDIT_OS_NOT, "CentOS 7.x", "CentOS " + os_ver);
    }
    
    if (!get_kb_item("Host/CentOS/rpm-list"))
    {
      audit(AUDIT_PACKAGE_LIST_MISSING);
    }
    
    # Architecture gating: x86_64 and i386-i686 pass, but every package test
    # below is pinned to cpu:"x86_64".
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu))
    {
      audit(AUDIT_UNKNOWN_ARCH);
    }
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$")
    {
      audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
    }
    
    # Patch-level test: each package is checked against the reference build
    # named below; the SQLite flaws themselves are never exercised.
    # NOTE(review): rpm_check() presumably reports an installed package older
    # than the reference; confirm in rpm.inc.
    outdated = 0;
    fixed_builds = make_list(
      "lemon-3.7.17-6.el7_1.1",
      "sqlite-3.7.17-6.el7_1.1",
      "sqlite-devel-3.7.17-6.el7_1.1",
      "sqlite-doc-3.7.17-6.el7_1.1",
      "sqlite-tcl-3.7.17-6.el7_1.1"
    );
    foreach fixed_build (fixed_builds)
    {
      if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:fixed_build))
      {
        outdated = outdated + 1;
      }
    }
    
    if (!outdated)
    {
      # Nothing flagged: distinguish "packages present and not affected" from
      # "none of the packages installed".
      checked = pkg_tests_get();
      if (checked)
      {
        audit(AUDIT_PACKAGE_NOT_AFFECTED, checked);
      }
      else
      {
        audit(AUDIT_PACKAGE_NOT_INSTALLED, "lemon / sqlite / sqlite-devel / sqlite-doc / sqlite-tcl");
      }
    }
    else
    {
      # The package report is always attached to the finding.
      security_report_v4(port:0, severity:SECURITY_HOLE, extra:rpm_report_get());
      exit(0);
    }
    
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2698-1.NASL
    descriptionIt was discovered that SQLite incorrectly handled skip-scan optimization. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2013-7443) Michal Zalewski discovered that SQLite incorrectly handled dequoting of collation-sequence names. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-3414) Michal Zalewski discovered that SQLite incorrectly implemented comparison operators. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 15.04. (CVE-2015-3415) Michal Zalewski discovered that SQLite incorrectly handled printf precision and width values during floating-point conversions. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-3416). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id85156
    published2015-07-31
    reporterUbuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/85156
    titleUbuntu 12.04 LTS / 14.04 LTS / 15.04 : sqlite3 vulnerabilities (USN-2698-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-2698-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    # Registration pass: when `description` is set, the script only records the
    # metadata below and leaves through the exit(0) that closes this block, so
    # none of the knowledge-base reads further down are reached.
    if (description)
    {
      script_id(85156);
      script_version("2.9");
      script_cvs_date("Date: 2019/09/18 12:31:44");
    
      # One notice (USN-2698-1) covers four SQLite CVEs; CVE-2015-3416 is the
      # printf precision/width issue.
      script_cve_id("CVE-2013-7443", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416");
      script_xref(name:"USN", value:"2698-1");
    
      script_name(english:"Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : sqlite3 vulnerabilities (USN-2698-1)");
      # Per its own summary this is a patch-level check on dpkg output.
      script_summary(english:"Checks dpkg output for updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Ubuntu host is missing a security-related patch."
      );
      # The text below scopes three of the four CVEs to specific Ubuntu
      # releases; the CVE-2015-3416 paragraph carries no such restriction.
      script_set_attribute(
        attribute:"description", 
        value:
    "It was discovered that SQLite incorrectly handled skip-scan
    optimization. An attacker could use this issue to cause applications
    using SQLite to crash, resulting in a denial of service, or possibly
    execute arbitrary code. This issue only affected Ubuntu 14.04 LTS.
    (CVE-2013-7443)
    
    Michal Zalewski discovered that SQLite incorrectly handled dequoting
    of collation-sequence names. An attacker could use this issue to cause
    applications using SQLite to crash, resulting in a denial of service,
    or possibly execute arbitrary code. This issue only affected Ubuntu
    14.04 LTS and Ubuntu 15.04. (CVE-2015-3414)
    
    Michal Zalewski discovered that SQLite incorrectly implemented
    comparison operators. An attacker could use this issue to cause
    applications using SQLite to crash, resulting in a denial of service,
    or possibly execute arbitrary code. This issue only affected Ubuntu
    15.04. (CVE-2015-3415)
    
    Michal Zalewski discovered that SQLite incorrectly handle printf
    precision and width values during floating-point conversions. An
    attacker could use this issue to cause applications using SQLite to
    crash, resulting in a denial of service, or possibly execute arbitrary
    code. (CVE-2015-3416).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/2698-1/"
      );
      # Remediation is an update of the shared-library package libsqlite3-0.
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected libsqlite3-0 package."
      );
      # CVSS v2 base vector: network access vector, low complexity, no
      # authentication, partial confidentiality / integrity / availability impact.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      # Temporal vector: exploitability unproven (E:U), official fix available
      # (RL:OF), report confirmed (RC:C).
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      # Declared as a local check; the cpe attributes name the libsqlite3-0
      # package and the three Ubuntu releases covered.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libsqlite3-0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.04:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:15.04");
    
      # Timeline recorded by the plugin: vulnerability published 2015/04/24,
      # patch 2015/07/30, plugin 2015/07/31.
      script_set_attribute(attribute:"vuln_publication_date", value:"2015/04/24");
      script_set_attribute(attribute:"patch_publication_date", value:"2015/07/30");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/07/31");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      # Depends on ssh_get_info.nasl and requires four KB items. Unlike the
      # runtime section that follows, this list does not name
      # "Host/local_checks_enabled".
      # NOTE(review): the keys are presumably populated by that dependency
      # during a credentialed scan; an uncredentialed scan would then give no
      # verdict for this host rather than a "not affected" one. Confirm.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    # Host gating. Each guard hands its reason to audit(); they are kept in the
    # original order because the first failing guard decides what is reported.
    if (!get_kb_item("Host/local_checks_enabled"))
    {
      audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    }
    
    release = get_kb_item("Host/Ubuntu/release");
    if (isnull(release))
    {
      audit(AUDIT_OS_NOT, "Ubuntu");
    }
    # Only the three releases named in the notice are accepted, matched exactly
    # after chomp() has been applied to the stored value.
    release = chomp(release);
    if (! preg(pattern:"^(12\.04|14\.04|15\.04)$", string:release))
    {
      audit(AUDIT_OS_NOT, "Ubuntu 12.04 / 14.04 / 15.04", "Ubuntu " + release);
    }
    if (!get_kb_item("Host/Debian/dpkg-l"))
    {
      audit(AUDIT_PACKAGE_LIST_MISSING);
    }
    
    # Architecture gating: x86_64 and i386-i686 only.
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu))
    {
      audit(AUDIT_UNKNOWN_ARCH);
    }
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$")
    {
      audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    }
    
    # Patch-level test: one reference libsqlite3-0 version per release; the
    # SQLite flaws themselves are never exercised.
    # NOTE(review): ubuntu_check() presumably reports an installed package
    # older than pkgver on the matching release; confirm in ubuntu.inc.
    outdated = 0;
    
    if (ubuntu_check(osver:"12.04", pkgname:"libsqlite3-0", pkgver:"3.7.9-2ubuntu1.2"))
    {
      outdated = outdated + 1;
    }
    if (ubuntu_check(osver:"14.04", pkgname:"libsqlite3-0", pkgver:"3.8.2-1ubuntu2.1"))
    {
      outdated = outdated + 1;
    }
    if (ubuntu_check(osver:"15.04", pkgname:"libsqlite3-0", pkgver:"3.8.7.4-1ubuntu0.1"))
    {
      outdated = outdated + 1;
    }
    
    if (!outdated)
    {
      # Nothing flagged: distinguish "package present and not affected" from
      # "package not installed".
      checked = ubuntu_pkg_tests_get();
      if (checked)
      {
        audit(AUDIT_PACKAGE_NOT_AFFECTED, checked);
      }
      else
      {
        audit(AUDIT_PACKAGE_NOT_INSTALLED, "libsqlite3-0");
      }
    }
    else
    {
      # The package report is always attached to the finding.
      security_report_v4(port:0, severity:SECURITY_HOLE, extra:ubuntu_report_get());
      exit(0);
    }
    
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_10_11.NASL
    descriptionThe remote host is running a version of Mac OS X that is 10.6.8 or later but prior to 10.11. It is, therefore, affected by multiple vulnerabilities in the following components : - Address Book - AirScan - apache_mod_php - Apple Online Store Kit - AppleEvents - Audio - bash - Certificate Trust Policy - CFNetwork Cookies - CFNetwork FTPProtocol - CFNetwork HTTPProtocol - CFNetwork Proxies - CFNetwork SSL - CoreCrypto - CoreText - Dev Tools - Disk Images - dyld - EFI - Finder - Game Center - Heimdal - ICU - Install Framework Legacy - Intel Graphics Driver - IOAudioFamily - IOGraphics - IOHIDFamily - IOStorageFamily - Kernel - libc - libpthread - libxpc - Login Window - lukemftpd - Mail - Multipeer Connectivity - NetworkExtension - Notes - OpenSSH - OpenSSL - procmail - remote_cmds - removefile - Ruby - Safari - Safari Downloads - Safari Extensions - Safari Safe Browsing - Security - SMB - SQLite - Telephony - Terminal - tidy - Time Machine - WebKit - WebKit CSS - WebKit JavaScript Bindings - WebKit Page Loading - WebKit Plug-ins Note that successful exploitation of the most serious issues can result in arbitrary code execution.
    last seen2020-06-01
    modified2020-06-02
    plugin id86270
    published2015-10-05
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/86270
    titleMac OS X < 10.11 Multiple Vulnerabilities (GHOST)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20150817_SQLITE_ON_SL7_X.NASL
    descriptionA flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414) It was found that SQLite
    last seen2020-03-18
    modified2015-08-18
    plugin id85502
    published2015-08-18
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/85502
    titleScientific Linux Security Update : sqlite on SL7.x x86_64 (20150817)
  • NASL familyCGI abuses
    NASL idPHP_5_4_42.NASL
    descriptionAccording to its banner, the version of PHP 5.4.x running on the remote web server is prior to 5.4.42. It is, therefore, affected by multiple vulnerabilities : - Multiple heap buffer overflow conditions exist in the bundled Perl-Compatible Regular Expression (PCRE) library due to improper validation of user-supplied input to the compile_branch() and pcre_compile2() functions. A remote attacker can exploit these conditions to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-2325, CVE-2015-2326) - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of quotes in collation sequence names. A remote attacker can exploit this to cause uninitialized memory access, resulting in denial of service condition. (CVE-2015-3414) - A denial of service vulnerability exists in the bundled SQLite component due to an improper implementation of comparison operators in the sqlite3VdbeExec() function in vdbe.c. A remote attacker can exploit this to cause an invalid free operation, resulting in a denial of service condition. (CVE-2015-3415) - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of precision and width values during floating-point conversions in the sqlite3VXPrintf() function in printf.c. A remote attacker can exploit this to cause a stack-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-3416) - A security bypass vulnerability exists due to a failure in multiple extensions to check for NULL bytes in a path when processing or reading a file. A remote attacker can exploit this, by combining the
    last seen2020-06-01
    modified2020-06-02
    plugin id84362
    published2015-06-24
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84362
    titlePHP 5.4.x < 5.4.42 Multiple Vulnerabilities
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2015-561.NASL
    description: Upstream reports that six security-related issues in PHP were fixed in this release, as well as several security issues in the bundled SQLite library (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416). All PHP 5.4 users are encouraged to upgrade to this version. Please see the upstream release notes for full details.
    last seen2020-06-01
    modified2020-06-02
    plugin id84623
    published2015-07-09
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/84623
    titleAmazon Linux AMI : php54 (ALAS-2015-561)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2015-1634.NASL
    descriptionFrom Red Hat Security Advisory 2015:1634 : An updated sqlite package that fixes one security issue is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. SQLite is a C library that implements a SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of a SQL database without the administrative hassles of supporting a separate database server. It was found that SQLite
    last seen2020-06-01
    modified2020-06-02
    plugin id85490
    published2015-08-18
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/85490
    titleOracle Linux 6 : sqlite (ELSA-2015-1634)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201507-05.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201507-05 (SQLite: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in SQLite. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could possibly cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id84604
    published2015-07-08
    reporterThis script is Copyright (C) 2015 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/84604
    titleGLSA-201507-05 : SQLite: Multiple vulnerabilities
  • NASL familyPeer-To-Peer File Sharing
    NASL idITUNES_12_6_BANNER.NASL
    descriptionThe version of Apple iTunes running on the remote host is prior to 12.6. It is, therefore, affected by multiple vulnerabilities : - Multiple vulnerabilities exist in the expat component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2009-3270, CVE-2009-3560, CVE-2009-3720, CVE-2012-1147, CVE-2012-1148, CVE-2012-6702, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300) - Multiple vulnerabilities exist in the SQLite component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities by convincing a user to open a specially crafted file, to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2013-7443, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3717, CVE-2015-6607, CVE-2016-6153) - An information disclosure vulnerability exists in the APNs server component due to client certificates being transmitted in cleartext. A man-in-the-middle attacker can exploit this to disclose sensitive information. (CVE-2017-2383) - A use-after-free error exists in the WebKit component due to improper handling of RenderBox objects. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2017-2463) - Multiple universal cross-site scripting (XSS) vulnerabilities exist in the WebKit component due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit these vulnerabilities, by convincing a user to visit a specially crafted web page, to execute arbitrary script code in a user
    last seen2020-06-01
    modified2020-06-02
    plugin id100026
    published2017-05-08
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/100026
    titleApple iTunes < 12.6 Multiple Vulnerabilities (uncredentialed check)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2015-1635.NASL
    descriptionFrom Red Hat Security Advisory 2015:1635 : An updated sqlite package that fixes three security issues is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. SQLite is a C library that implements a SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of a SQL database without the administrative hassles of supporting a separate database server. A flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414) It was found that SQLite
    last seen2020-06-01
    modified2020-06-02
    plugin id85491
    published2015-08-18
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/85491
    titleOracle Linux 7 : sqlite (ELSA-2015-1635)
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2015-198-02.NASL
    descriptionNew php packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id84830
    published2015-07-20
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84830
    titleSlackware 14.0 / 14.1 / current : php (SSA:2015-198-02) (BACKRONYM)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-1634.NASL
    descriptionAn updated sqlite package that fixes one security issue is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. SQLite is a C library that implements a SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of a SQL database without the administrative hassles of supporting a separate database server. It was found that SQLite
    last seen2020-06-01
    modified2020-06-02
    plugin id85495
    published2015-08-18
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/85495
    titleRHEL 6 : sqlite (RHSA-2015:1634)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2015-563.NASL
    description: Upstream reports that several bugs have been fixed, as well as several security issues in some bundled libraries (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326). All PHP 5.6 users are encouraged to upgrade to this version. Please see the upstream release notes for full details.
    last seen2020-06-01
    modified2020-06-02
    plugin id84625
    published2015-07-09
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/84625
    titleAmazon Linux AMI : php56 (ALAS-2015-563)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1425.NASL
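    description: According to the versions of the sqlite packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - It was found that SQLite [text cut off here in this listing; the full description should be on the plugin page given under source]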
    last seen2020-06-01
    modified2020-06-02
    plugin id124928
    published2019-05-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124928
    titleEulerOS Virtualization 3.0.1.0 : sqlite (EulerOS-SA-2019-1425)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3252.NASL
    descriptionMichal Zalewski discovered multiple vulnerabilities in SQLite, which may result in denial of service or the execution of arbitrary code.
    last seen2020-06-01
    modified2020-06-02
    plugin id83273
    published2015-05-07
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83273
    titleDebian DSA-3252-1 : sqlite3 - security update
  • NASL familyCGI abuses
    NASL idPHP_5_5_26.NASL
    descriptionAccording to its banner, the version of PHP 5.5.x running on the remote web server is prior to 5.5.26. It is, therefore, affected by multiple vulnerabilities : - Multiple heap buffer overflow conditions exist in the bundled Perl-Compatible Regular Expression (PCRE) library due to improper validation of user-supplied input to the compile_branch() and pcre_compile2() functions. A remote attacker can exploit these conditions to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-2325, CVE-2015-2326) - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of quotes in collation sequence names. A remote attacker can exploit this to cause uninitialized memory access, resulting in denial of service condition. (CVE-2015-3414) - A denial of service vulnerability exists in the bundled SQLite component due to an improper implementation of comparison operators in the sqlite3VdbeExec() function in vdbe.c. A remote attacker can exploit this to cause an invalid free operation, resulting in a denial of service condition. (CVE-2015-3415) - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of precision and width values during floating-point conversions in the sqlite3VXPrintf() function in printf.c. A remote attacker can exploit this to cause a stack-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-3416) - A security bypass vulnerability exists due to a failure in multiple extensions to check for NULL bytes in a path when processing or reading a file. A remote attacker can exploit this, by combining the
    last seen2020-06-01
    modified2020-06-02
    plugin id84363
    published2015-06-24
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84363
    titlePHP 5.5.x < 5.5.26 Multiple Vulnerabilities
  • NASL familyCGI abuses
    NASL idPHP_5_6_10.NASL
    descriptionAccording to its banner, the version of PHP 5.6.x running on the remote web server is prior to 5.6.10. It is, therefore, affected by multiple vulnerabilities : - Multiple heap buffer overflow conditions exist in the bundled Perl-Compatible Regular Expression (PCRE) library due to improper validation of user-supplied input to the compile_branch() and pcre_compile2() functions. A remote attacker can exploit these conditions to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-2325, CVE-2015-2326) - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of quotes in collation sequence names. A remote attacker can exploit this to cause uninitialized memory access, resulting in denial of service condition. (CVE-2015-3414) - A denial of service vulnerability exists in the bundled SQLite component due to an improper implementation of comparison operators in the sqlite3VdbeExec() function in vdbe.c. A remote attacker can exploit this to cause an invalid free operation, resulting in a denial of service condition. (CVE-2015-3415) - A denial of service vulnerability exists in the bundled SQLite component due to improper handling of precision and width values during floating-point conversions in the sqlite3VXPrintf() function in printf.c. A remote attacker can exploit this to cause a stack-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-3416) - A security bypass vulnerability exists due to a failure in multiple extensions to check for NULL bytes in a path when processing or reading a file. A remote attacker can exploit this, by combining the
    last seen2020-06-01
    modified2020-06-02
    plugin id84364
    published2015-06-24
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84364
    titlePHP 5.6.x < 5.6.10 Multiple Vulnerabilities
  • NASL familyFirewalls
    NASL idPFSENSE_SA-15_06.NASL
    descriptionAccording to its self-reported version number, the remote pfSense install is prior to 2.2.3. It is, therefore, affected by multiple vulnerabilities as stated in the referenced vendor advisories.
    last seen2020-06-01
    modified2020-06-02
    plugin id106495
    published2018-01-31
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/106495
    titlepfSense < 2.2.3 Multiple Vulnerabilities (SA-15_07) (Logjam)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_DEC3164F312145EFAF18BB113AC5082F.NASL
    descriptionNVD reports : SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE
    last seen2020-06-01
    modified2020-06-02
    plugin id82893
    published2015-04-20
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82893
    titleFreeBSD : sqlite -- multiple vulnerabilities (dec3164f-3121-45ef-af18-bb113ac5082f)
  • NASL familyWindows
    NASL idITUNES_12_6.NASL
    descriptionThe version of Apple iTunes installed on the remote Windows host is prior to 12.6. It is, therefore, affected by multiple vulnerabilities : - Multiple vulnerabilities exist in the expat component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2009-3270, CVE-2009-3560, CVE-2009-3720, CVE-2012-1147, CVE-2012-1148, CVE-2012-6702, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300) - Multiple vulnerabilities exist in the SQLite component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities by convincing a user to open a specially crafted file, to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2013-7443, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3717, CVE-2015-6607, CVE-2016-6153) - An information disclosure vulnerability exists in the APNs server component due to client certificates being transmitted in cleartext. A man-in-the-middle attacker can exploit this to disclose sensitive information. (CVE-2017-2383) - A use-after-free error exists in the WebKit component due to improper handling of RenderBox objects. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2017-2463) - Multiple universal cross-site scripting (XSS) vulnerabilities exist in the WebKit component due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit these vulnerabilities, by convincing a user to visit a specially crafted web page, to execute arbitrary script code in a user
    last seen2020-06-01
    modified2020-06-02
    plugin id100025
    published2017-05-08
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/100025
    titleApple iTunes < 12.6 Multiple Vulnerabilities (credentialed check)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-1635.NASL
    descriptionAn updated sqlite package that fixes three security issues is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. SQLite is a C library that implements a SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of a SQL database without the administrative hassles of supporting a separate database server. A flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414) It was found that SQLite
    last seen2020-06-01
    modified2020-06-02
    plugin id85496
    published2015-08-18
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/85496
    titleRHEL 7 : sqlite (RHSA-2015:1635)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2015-1634.NASL
    descriptionAn updated sqlite package that fixes one security issue is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. SQLite is a C library that implements a SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of a SQL database without the administrative hassles of supporting a separate database server. It was found that SQLite
    last seen2020-06-01
    modified2020-06-02
    plugin id85462
    published2015-08-18
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/85462
    titleCentOS 6 : sqlite (CESA-2015:1634)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOS_ITUNES_12_6.NASL
    descriptionThe version of Apple iTunes installed on the remote macOS or Mac OS X host is prior to 12.6. It is, therefore, affected by multiple vulnerabilities : - Multiple vulnerabilities exist in the expat component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2009-3270, CVE-2009-3560, CVE-2009-3720, CVE-2012-1147, CVE-2012-1148, CVE-2012-6702, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300) - Multiple vulnerabilities exist in the SQLite component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities by convincing a user to open a specially crafted file, to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2013-7443, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3717, CVE-2015-6607, CVE-2016-6153) Note that Nessus has not tested for these issues but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id100027
    published2017-05-08
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/100027
    titleApple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)
  • NASL familyF5 Networks Local Security Checks
    NASL idF5_BIGIP_SOL16950.NASL
    descriptionThe sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement. (CVE-2015-3416)
    last seen2020-06-01
    modified2020-06-02
    plugin id91507
    published2016-06-08
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91507
    titleF5 Networks BIG-IP : SQLite vulnerability (K16950)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20150817_SQLITE_ON_SL6_X.NASL
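    description: It was found that SQLite [text cut off here in this listing; the full description should be on the plugin page given under source]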
    last seen2020-03-18
    modified2015-08-18
    plugin id85501
    published2015-08-18
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/85501
    titleScientific Linux Security Update : sqlite on SL6.x i386/x86_64 (20150817)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2015-562.NASL
    description: Upstream reports that several bugs have been fixed, as well as several security issues in some bundled libraries (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326). All PHP 5.5 users are encouraged to upgrade to this version. Please see the upstream release notes for full details.
    last seen2020-06-01
    modified2020-06-02
    plugin id84624
    published2015-07-09
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/84624
    titleAmazon Linux AMI : php55 (ALAS-2015-562)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2015-217.NASL
    description: Multiple vulnerabilities have been found and corrected in sqlite3 : SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE at the end of a SELECT statement (CVE-2015-3414). The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0 O>O) in a CREATE TABLE statement (CVE-2015-3415). The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement (CVE-2015-3416). The updated packages provide a solution for these security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id83169
    published2015-05-01
    reporterThis script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83169
    titleMandriva Linux Security Advisory : sqlite3 (MDVSA-2015:217)

Redhat

advisories
  • bugzilla
    id1212357
    titleCVE-2015-3416 sqlite: stack buffer overflow in src/printf.c
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 6 is installed
        ovaloval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • commentsqlite-tcl is earlier than 0:3.6.20-1.el6_7.2
            ovaloval:com.redhat.rhsa:tst:20151634001
          • commentsqlite-tcl is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20151634002
        • AND
          • commentlemon is earlier than 0:3.6.20-1.el6_7.2
            ovaloval:com.redhat.rhsa:tst:20151634003
          • commentlemon is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20151634004
        • AND
          • commentsqlite-doc is earlier than 0:3.6.20-1.el6_7.2
            ovaloval:com.redhat.rhsa:tst:20151634005
          • commentsqlite-doc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20151634006
        • AND
          • commentsqlite-devel is earlier than 0:3.6.20-1.el6_7.2
            ovaloval:com.redhat.rhsa:tst:20151634007
          • commentsqlite-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20151634008
        • AND
          • commentsqlite is earlier than 0:3.6.20-1.el6_7.2
            ovaloval:com.redhat.rhsa:tst:20151634009
          • commentsqlite is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20151634010
    rhsa
    idRHSA-2015:1634
    released2015-08-17
    severityModerate
    titleRHSA-2015:1634: sqlite security update (Moderate)
  • bugzilla
    id1212357
    titleCVE-2015-3416 sqlite: stack buffer overflow in src/printf.c
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 7 is installed
        ovaloval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • commentsqlite is earlier than 0:3.7.17-6.el7_1.1
            ovaloval:com.redhat.rhsa:tst:20151635001
          • commentsqlite is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20151634010
        • AND
          • commentsqlite-devel is earlier than 0:3.7.17-6.el7_1.1
            ovaloval:com.redhat.rhsa:tst:20151635003
          • commentsqlite-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20151634008
        • AND
          • commentsqlite-tcl is earlier than 0:3.7.17-6.el7_1.1
            ovaloval:com.redhat.rhsa:tst:20151635005
          • commentsqlite-tcl is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20151634002
        • AND
          • commentlemon is earlier than 0:3.7.17-6.el7_1.1
            ovaloval:com.redhat.rhsa:tst:20151635007
          • commentlemon is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20151634004
        • AND
          • commentsqlite-doc is earlier than 0:3.7.17-6.el7_1.1
            ovaloval:com.redhat.rhsa:tst:20151635009
          • commentsqlite-doc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20151634006
    rhsa
    idRHSA-2015:1635
    released2015-08-17
    severityModerate
    titleRHSA-2015:1635: sqlite security update (Moderate)
rpms
  • lemon-0:3.6.20-1.el6_7.2
  • sqlite-0:3.6.20-1.el6_7.2
  • sqlite-debuginfo-0:3.6.20-1.el6_7.2
  • sqlite-devel-0:3.6.20-1.el6_7.2
  • sqlite-doc-0:3.6.20-1.el6_7.2
  • sqlite-tcl-0:3.6.20-1.el6_7.2
  • lemon-0:3.7.17-6.ael7b_1.1
  • lemon-0:3.7.17-6.el7_1.1
  • sqlite-0:3.7.17-6.ael7b_1.1
  • sqlite-0:3.7.17-6.el7_1.1
  • sqlite-debuginfo-0:3.7.17-6.ael7b_1.1
  • sqlite-debuginfo-0:3.7.17-6.el7_1.1
  • sqlite-devel-0:3.7.17-6.ael7b_1.1
  • sqlite-devel-0:3.7.17-6.el7_1.1
  • sqlite-doc-0:3.7.17-6.ael7b_1.1
  • sqlite-doc-0:3.7.17-6.el7_1.1
  • sqlite-tcl-0:3.7.17-6.ael7b_1.1
  • sqlite-tcl-0:3.7.17-6.el7_1.1