Description

In SQLite 3.27.2, interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL Pointer Dereference in fts5ChunkIterate in sqlite3.c. This is related to ext/fts5/fts5_hash.c and ext/fts5/fts5_index.c.

Remediation

References

CVE-2019-9937

Related Vulnerabilities

WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Scripting (2.8.3)

WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.24)

WordPress Plugin PayPal Shopping Cart Multiple Vulnerabilities (1.1.9)

WordPress Plugin bbPress Members Only Cross-Site Request Forgery (1.2.1)

WebLogic CVE-2019-2891 Vulnerability (CVE-2019-2891)

Severity

High

Classification

CVE-2019-9937 CWE-476 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities