CVE-2019-16168
6.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Exploitability: 2.8 / Impact: 3.6
Source: NVD
Description
In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
Affected (27)
Products: Sqlite: Sqlite · Netapp: Active Iq Unified Manager, E Series Santricity Os Controller, Oncommand Insight, Oncommand Workflow Automation, Ontap Select Deploy Administration Utility, Santricity Unified Manager, Steelstore Cloud Integrated Storage · Canonical: Ubuntu Linux · +5 more
Show all products
Sqlite: Sqlite · Netapp: Active Iq Unified Manager, E Series Santricity Os Controller, Oncommand Insight, Oncommand Workflow Automation, Ontap Select Deploy Administration Utility, Santricity Unified Manager, Steelstore Cloud Integrated Storage · Canonical: Ubuntu Linux · Fedoraproject: Fedora · Debian: Debian Linux · Tenable: Nessus Agent · Oracle: Communications Design Studio, Jdk, Jre, Mysql, Outside In Technology, Solaris, Zfs Storage Appliance · Mcafee: Policy Auditor
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| From 9.5 | |
| From 11.0.0 to 11.60.3 | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 12.04 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 30 |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version 9.0 |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 8.2.3 |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Version 7.3.4.3.0 | |
| Version 1.8.0 update231 | |
| Version 1.8.0 update231 | |
| From 8.0.0 to 8.0.18 | |
| Version 8.5.4 | |
| Version 11 | |
| Version 8.8 |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before 6.5.1 |
References (34)
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Timeline
No history available yet.