%20--%3e%3csvg%20version='1.1'%20id='Layer_1'%20x='0px'%20y='0px'%20viewBox='0%200%20107.30001%20140.79999'%20xml:space='preserve'%20sodipodi:docname='mind_logo_positief.svg'%20width='107.30001'%20height='140.79999'%20xmlns:inkscape='http://www.inkscape.org/namespaces/inkscape'%20xmlns:sodipodi='http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd'%20xmlns='http://www.w3.org/2000/svg'%20xmlns:svg='http://www.w3.org/2000/svg'%3e%3cdefs%20id='defs29'%20/%3e%3csodipodi:namedview%20id='namedview29'%20pagecolor='%23505050'%20bordercolor='%23eeeeee'%20borderopacity='1'%20inkscape:showpageshadow='0'%20inkscape:pageopacity='0'%20inkscape:pagecheckerboard='0'%20inkscape:deskcolor='%23d1d1d1'%3e%3cinkscape:page%20x='0'%20y='0'%20width='107.30001'%20height='140.79999'%20id='page2'%20margin='0'%20bleed='0'%20/%3e%3c/sodipodi:namedview%3e%3cstyle%20type='text/css'%20id='style1'%3e%20.st0{fill:%231F1FA3;}%20.st1{fill:url(%23SVGID_1_);}%20.st2{fill:url(%23SVGID_00000033333245342322421190000001486717665348835473_);}%20.st3{fill:url(%23SVGID_00000075852413222229328580000001131059578544388517_);}%20%3c/style%3e%3cg%20id='g9'%20transform='translate(-21.299999,-20.6)'%3e%3clinearGradient%20id='SVGID_1_'%20gradientUnits='userSpaceOnUse'%20x1='4.8695998'%20y1='142.78'%20x2='99.248901'%20y2='35.348301'%3e%3cstop%20offset='0'%20style='stop-color:%2347EFF0'%20id='stop4'%20/%3e%3cstop%20offset='1'%20style='stop-color:%23297BFF'%20id='stop5'%20/%3e%3c/linearGradient%3e%3crect%20x='21.299999'%20y='64'%20class='st1'%20width='19.9'%20height='97.400002'%20id='rect5'%20style='fill:url(%23SVGID_1_)'%20/%3e%3clinearGradient%20id='SVGID_00000007421653842672228110000012418760815982452352_'%20gradientUnits='userSpaceOnUse'%20x1='23.7796'%20y1='159.3925'%20x2='118.1588'%20y2='51.9608'%3e%3cstop%20offset='0'%20style='stop-color:%2347EFF0'%20id='stop6'%20/%3e%3cstop%20offset='1'%20style='stop-color:%23297BFF'%20id='stop7'%20/%3e%3c/linearGradient%3e%3cpath%20style='fill:url(%23SVGID_00000007421653842672228110000012418760815982452352_)'%20d='M%2072.3,64%20H%2064%20v%2075.2%20H%2085.1%20V%2076.8%20C%2085.1,69.7%2079.4,64%2072.3,64%20Z'%20id='path7'%20/%3e%3clinearGradient%20id='SVGID_00000072986549029232277750000008760038133176911550_'%20gradientUnits='userSpaceOnUse'%20x1='20.501699'%20y1='156.51289'%20x2='114.881'%20y2='49.0812'%3e%3cstop%20offset='0'%20style='stop-color:%2347EFF0'%20id='stop8'%20/%3e%3cstop%20offset='1'%20style='stop-color:%23297BFF'%20id='stop9'%20/%3e%3c/linearGradient%3e%3cpath%20style='fill:url(%23SVGID_00000072986549029232277750000008760038133176911550_)'%20d='M%2073.6,20.6%20H%2064%20v%2019.9%20h%209.6%20c%2019.3,0%2035.1,15.7%2035.1,35.1%20v%2044.3%20h%2019.9%20V%2075.6%20c%200,-30.3%20-24.7,-55%20-55,-55%20z'%20id='path9'%20/%3e%3c/g%3e%3c/svg%3e)
Affected Component
Analysis
sqlite
Exploitable
Name
CVE-2018-20506
Description
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). This is a different vulnerability than CVE-2018-20346.
CWEs
Published Date
Updated Date
Workaround
-
Advisories
http://seclists.org/fulldisclosure/2019/Jan/62Mailing List
http://seclists.org/fulldisclosure/2019/Jan/64Mailing List
http://seclists.org/fulldisclosure/2019/Jan/66Mailing List
http://seclists.org/fulldisclosure/2019/Jan/67Mailing List
http://seclists.org/fulldisclosure/2019/Jan/68Mailing List
http://seclists.org/fulldisclosure/2019/Jan/69Mailing List
https://seclists.org/bugtraq/2019/Jan/28Mailing List
https://seclists.org/bugtraq/2019/Jan/29Mailing List
https://seclists.org/bugtraq/2019/Jan/31Mailing List
https://seclists.org/bugtraq/2019/Jan/32Mailing List
https://seclists.org/bugtraq/2019/Jan/33Mailing List
https://seclists.org/bugtraq/2019/Jan/39Mailing List
https://security.netapp.com/advisory/ntap-20190502-0004/Third Party Advisory
https://sqlite.org/src/info/940f2adc8541a838Vendor Advisory
https://support.apple.com/kb/HT209443Third Party Advisory
https://support.apple.com/kb/HT209446Third Party Advisory
https://support.apple.com/kb/HT209447Third Party Advisory
https://support.apple.com/kb/HT209448Third Party Advisory
https://support.apple.com/kb/HT209450Third Party Advisory
https://support.apple.com/kb/HT209451Third Party Advisory
http://seclists.org/fulldisclosure/2019/Jan/62Mailing List
http://seclists.org/fulldisclosure/2019/Jan/64Mailing List
http://seclists.org/fulldisclosure/2019/Jan/66Mailing List
http://seclists.org/fulldisclosure/2019/Jan/67Mailing List
http://seclists.org/fulldisclosure/2019/Jan/68Mailing List
http://seclists.org/fulldisclosure/2019/Jan/69Mailing List
https://seclists.org/bugtraq/2019/Jan/28Mailing List
https://seclists.org/bugtraq/2019/Jan/29Mailing List
https://seclists.org/bugtraq/2019/Jan/31Mailing List
https://seclists.org/bugtraq/2019/Jan/32Mailing List
https://seclists.org/bugtraq/2019/Jan/33Mailing List
https://seclists.org/bugtraq/2019/Jan/39Mailing List
https://security.netapp.com/advisory/ntap-20190502-0004/Third Party Advisory
https://sqlite.org/src/info/940f2adc8541a838Vendor Advisory
https://support.apple.com/kb/HT209443Third Party Advisory
https://support.apple.com/kb/HT209446Third Party Advisory
https://support.apple.com/kb/HT209447Third Party Advisory
https://support.apple.com/kb/HT209448Third Party Advisory
https://support.apple.com/kb/HT209450Third Party Advisory
https://support.apple.com/kb/HT209451Third Party Advisory
Analysis#
Vulnerability Ratings#
8.1
other
6.8
CVSSv2