CVE-2018-20506

{"id": "CVE-2018-20506", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2019-04-03T18:29:01.313", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2019/Jan/62", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2019/Jan/64", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2019/Jan/66", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2019/Jan/67", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2019/Jan/68", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2019/Jan/69", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/106698", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", "source": "cve@mitre.org"}, {"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html", "source": "cve@mitre.org"}, {"url": "https://seclists.org/bugtraq/2019/Jan/28", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://seclists.org/bugtraq/2019/Jan/29", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://seclists.org/bugtraq/2019/Jan/31", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://seclists.org/bugtraq/2019/Jan/32", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://seclists.org/bugtraq/2019/Jan/33", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://seclists.org/bugtraq/2019/Jan/39", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://security.netapp.com/advisory/ntap-20190502-0004/", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://sqlite.org/src/info/940f2adc8541a838", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://support.apple.com/kb/HT209443", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://support.apple.com/kb/HT209446", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://support.apple.com/kb/HT209447", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://support.apple.com/kb/HT209448", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://support.apple.com/kb/HT209450", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://support.apple.com/kb/HT209451", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://usn.ubuntu.com/4019-1/", "source": "cve@mitre.org"}, {"url": "https://usn.ubuntu.com/4019-2/", "source": "cve@mitre.org"}, {"url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a \"merge\" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). This is a different vulnerability than CVE-2018-20346."}, {"lang": "es", "value": "En SQLite, en versiones anteriores a la 3.25.3, cuando est\u00e1 habilitada la extensi\u00f3n FTS3, hay un desbordamiento de enteros que resulta en un desbordamiento de b\u00fafer para consultas FTS3 en una operaci\u00f3n de uni\u00f3n que ocurre despu\u00e9s de que se realicen cambios manipulados en las tablas de sombras de FTS3. Esto permite que atacantes remotos ejecuten c\u00f3digo arbitrario, explotando la posibilidad de ejecutar declaraciones SQL arbitrarias (como en ciertos casos de uso de WebSQL). Esta vulnerabilidad es diferente de CVE-2018-20346."}], "lastModified": "2021-07-31T08:15:08.777", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sqlite:sqlite:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "00D1E0B0-910B-4661-9E93-64746C0441A4", "versionEndExcluding": "3.25.3"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2160390-120A-4096-8A39-3CE6F440D8AC", "versionEndExcluding": "12.1.3"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5EC331DC-EE67-426B-8C75-1E0E070901B8", "versionEndExcluding": "10.14.3"}, {"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CDF826E3-9EA2-4EEF-94C9-CDBFA61BB083", "versionEndExcluding": "12.1.2"}, {"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9F8B7E29-97B5-486D-BC28-FA0FF533C0FC", "versionEndExcluding": "5.1.3"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3250E005-6D79-4828-A31E-F4D132F9E6FF", "versionEndIncluding": "7.10"}, {"criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE43E1DC-CC1C-411D-A28D-9FCB3679554A", "versionEndIncluding": "12.9.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}