SQLite Denial of Service Vulnerability (CVE-2015-3414)
SQLite Denial of Service Vulnerability (CVE-2015-3414)
Release date:
Updated on:
Affected Systems:
SQLite <3.8.9
Description:
CVE (CAN) ID: CVE-2015-3414
SQLite is an embedded database.
In versions earlier than SQLite 3.8.9, the sequence name of sorting rules is not properly referenced. An attacker with an independent context can construct a collate clause, this vulnerability can cause DoS (uninitialized memory access and application crash ).
<* Source: Michal zarewski ([email protected])
*>
Suggestion:
Vendor patch:
SQLite
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Https://www.sqlite.org/src/info/eddc05e7bb31fae74daa86e0504a3478b99fa0f2
SQLite3 installation and basic operations
Simple Application of SQLite databases in Ubuntu 12.04
How to install SQLite in Ubuntu 12.04
Basics of SQLite Database
SQLite details: click here
SQLite: click here
This article permanently updates the link address: