Vulnerability Description
Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Canonical | Ubuntu Linux | 12.04 |
| Sqlite | Sqlite | 3.8.2 |
Related Weaknesses (CWE)
References
- http://ubuntu.com/usn/usn-2698-1
- http://www.openwall.com/lists/oss-security/2015/07/14/5
- http://www.openwall.com/lists/oss-security/2015/07/15/4
- http://www.securityfocus.com/bid/76089
- https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1448758
- https://www.sqlite.org/src/info/520070ec7fbaac73eda0e0123596b7bb3e9a6897ExploitVendor Advisory
- https://www.sqlite.org/src/info/ac5852d6403c9c9628ca0aa7be135c702f000698Exploit
- http://ubuntu.com/usn/usn-2698-1
- http://www.openwall.com/lists/oss-security/2015/07/14/5
- http://www.openwall.com/lists/oss-security/2015/07/15/4
- http://www.securityfocus.com/bid/76089
- https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1448758
- https://www.sqlite.org/src/info/520070ec7fbaac73eda0e0123596b7bb3e9a6897ExploitVendor Advisory
- https://www.sqlite.org/src/info/ac5852d6403c9c9628ca0aa7be135c702f000698Exploit
FAQ
What is CVE-2013-7443?
CVE-2013-7443 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements.
How severe is CVE-2013-7443?
CVE-2013-7443 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-7443?
Check the references section above for vendor advisories and patch information. Affected products include: Canonical Ubuntu Linux, Sqlite Sqlite.