Description

SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where `sqlite3_step(pStmt)==SQLITE_ROW` is false and a data structure is never initialized.

Remediation

References

CVE-2017-15286

Related Vulnerabilities

WordPress Plugin WP125 Multiple Cross-Site Scripting Vulnerabilities (1.4.4)

WordPress Plugin Data Tables Generator by Supsystic Cross-Site Scripting (1.10.0)

WordPress Plugin WP Mobile Menu-The Mobile-Friendly Responsive Menu Security Bypass (2.7.2)

Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-21674)

Oracle Database Server CVE-2008-2607 Vulnerability (CVE-2008-2607)

Severity

High

Classification

CVE-2017-15286 CWE-476 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities