VDB

GCVE-110-MAGEIA-2017-238

GCVE-110-MAGEIA-2017-238
Advisory Published
Vulnetix · Advisory published August 3, 2017
Pointer disclosure in SQLite (CVE-2017-7000). The getNodeSize function in ext/rtree/rtree.c in SQLite mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact (CVE-2017-10989). Note: the CVE-2017-10989 issue only affected Mageia 5.

Affected Products

VendorProductVersionsPlatforms
Mageiasqlite30 (affected), 3.10.2-1.1.mga5 (unaffected)
Mageiasqlite30 (affected), 3.17.0-2.1.mga6 (unaffected)

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›